Skip to content
This repository has been archived by the owner on Feb 23, 2024. It is now read-only.

Re-pin Docker base images in Dockerfile #18

Open
wants to merge 2 commits into
base: main
Choose a base branch
from
Open

Re-pin Docker base images in Dockerfile #18

wants to merge 2 commits into from

Conversation

atomist[bot]
Copy link
Contributor

@atomist atomist bot commented Oct 14, 2022
edited
Loading

This pull request re-pins the following Docker base images in Dockerfile to their current digests.

go-format-skill/Dockerfile

Line 2 in ceaf545

FROM node:lts@sha256:5f21943fe97b24ae1740da6d7b9c56ac43fe3495acb47c1b232b0a352b02a25c AS build

go-format-skill/Dockerfile

Line 13 in ceaf545

FROM golang:1.19-alpine3.16@sha256:7d7cc4682f31c69ac36c34cdbd2a5d1963c7c007ed423b7b58b73613ae085e39

Digest sha256:7d7cc4682f31c69ac36c34cdbd2a5d1963c7c007ed423b7b58b73613ae085e39 references a multi-CPU architecture image manifest. This image supports the following architectures:

Changelog for golang:1.19-alpine3.16

Commit

New image build caused by commit docker-library/official-images@1725ca7 to library/golang:

Update golang

Changes:

- https://github.com/docker-library/golang/commit/079c1fa: Update 1.21 to 1.21.3
- https://github.com/docker-library/golang/commit/ef9079f: Update 1.20 to 1.20.10

Comparison

Comparing Docker image golang:1.19-alpine3.16 at digests

Current sha256:f3e683657ddf73726b5717c2ff80cdcd9e9efb7d81f77e4948fada9a10dc7257 (336mb) and
Proposed sha256:7d7cc4682f31c69ac36c34cdbd2a5d1963c7c007ed423b7b58b73613ae085e39 (336mb):

Packages

No package differences detected

Files

The following file modifications were detected:

Name Current Proposed Diff
/etc/alpine-release 7b 7b 0b
/etc/nsswitch.conf 17b 205b 188b
/etc/os-release 188b 188b 0b
/etc/ssl/misc/tsget.pl 6.4kb 6.4kb 0b
/lib/apk/db/installed 24kb 24kb 49b
/lib/ld-musl-x86_64.so.1 591kb 591kb 0b
/lib/libcrypto.so.1.1 2.5mb 2.5mb 4.0kb
/lib/libssl.so.1.1 511kb 511kb 0b
/usr/bin/getconf 34kb 34kb 0b
/usr/bin/getent 48kb 48kb 0b
/usr/bin/iconv 24kb 24kb 0b
/usr/lib/engines-1.1/afalg.so 22kb 22kb 0b
/usr/lib/engines-1.1/capi.so 14kb 14kb 0b
/usr/lib/engines-1.1/padlock.so 26kb 26kb 0b
/usr/local/go/VERSION 8b 8b 0b
/usr/local/go/bin/go 15mb 15mb 35kb
/usr/local/go/bin/gofmt 3.2mb 3.2mb 1.4kb
/usr/local/go/misc/cgo/testcshared/cshared_test.go 22kb 22kb 510b
/usr/local/go/pkg/linux_amd64 (238 files changed) 99mb 99mb 127kb
/usr/local/go/pkg/tool (17 files changed) 104mb 104mb 99kb
/usr/local/go/src/cmd (44 files changed) 4.0mb 4.0mb 17kb
/usr/local/go/src/crypto (27 files changed) 820kb 829kb 9.0kb
/usr/local/go/src/go (3 files changed) 66kb 67kb 715b
/usr/local/go/src/go.mod 288b 288b 0b
/usr/local/go/src/go.sum 840b 840b 0b
/usr/local/go/src/html (13 files changed) 168kb 172kb 3.6kb
/usr/local/go/src/internal (10 files changed) 8.9kb 22kb 13kb
/usr/local/go/src/mime (4 files changed) 22kb 34kb 12kb
/usr/local/go/src/net (11 files changed) 748kb 752kb 4.0kb
/usr/local/go/src/os (10 files changed) 150kb 150kb -485b
/usr/local/go/src/path (3 files changed) 70kb 70kb 341b
/usr/local/go/src/runtime (44 files changed) 1000kb 1005kb 5.4kb
/usr/local/go/src/sync (3 files changed) 75kb 75kb 320b
/usr/local/go/src/syscall (66 files changed) 1.4mb 1.4mb 12kb
/usr/local/go/src/time (5 files changed) 104kb 105kb 873b
/usr/local/go/src/vendor (2 files changed) 15kb 16kb 350b
/usr/local/go/test/codegen/retpoline.go 224b 578b 354b
/usr/local/go/test/fixedbugs (10 files changed) + 5.5kb

History

The following differences in docker history were detected:

-/bin/sh -c #(nop) ADD file:2a949686d9886ac7c10582a6c29116fd29d3077d02755e87e111870d63607725 in /
+/bin/sh -c #(nop) ADD file:970e6b2578ef73457ffed1189e8ba128b0211cabd3174b8c7d3afd8fb58ad614 in /
 /bin/sh -c #(nop)  CMD ["/bin/sh"]
 /bin/sh -c apk add --no-cache ca-certificates
-/bin/sh -c [ ! -e /etc/nsswitch.conf ] && echo 'hosts: files dns' > /etc/nsswitch.conf
 /bin/sh -c #(nop)  ENV PATH=/usr/local/go/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
-/bin/sh -c #(nop)  ENV GOLANG_VERSION=1.19.2
-/bin/sh -c set -eux; 	apk add --no-cache --virtual .fetch-deps gnupg; 	arch="$(apk --print-arch)"; 	url=; 	case "$arch" in 		'x86_64') 			export GOAMD64='v1' GOARCH='amd64' GOOS='linux'; 			;; 		'armhf') 			export GOARCH='arm' GOARM='6' GOOS='linux'; 			;; 		'armv7') 			export GOARCH='arm' GOARM='7' GOOS='linux'; 			;; 		'aarch64') 			export GOARCH='arm64' GOOS='linux'; 			;; 		'x86') 			export GO386='softfloat' GOARCH='386' GOOS='linux'; 			;; 		'ppc64le') 			export GOARCH='ppc64le' GOOS='linux'; 			;; 		's390x') 			export GOARCH='s390x' GOOS='linux'; 			;; 		*) echo >&2 "error: unsupported architecture '$arch' (likely packaging update needed)"; exit 1 ;; 	esac; 	build=; 	if [ -z "$url" ]; then 		build=1; 		url='https://dl.google.com/go/go1.19.2.src.tar.gz'; 		sha256='2ce930d70a931de660fdaf271d70192793b1b240272645bf0275779f6704df6b'; 	fi; 		wget -O go.tgz.asc "$url.asc"; 	wget -O go.tgz "$url"; 	echo "$sha256 *go.tgz" | sha256sum -c -; 		GNUPGHOME="$(mktemp -d)"; export GNUPGHOME; 	gpg --batch --keyserver keyserver.ubuntu.com --recv-keys 'EB4C 1BFD 4F04 2F6D DDCC  EC91 7721 F63B D38B 4796'; 	gpg --batch --keyserver keyserver.ubuntu.com --recv-keys '2F52 8D36 D67B 69ED F998  D857 78BD 6547 3CB3 BD13'; 	gpg --batch --verify go.tgz.asc go.tgz; 	gpgconf --kill all; 	rm -rf "$GNUPGHOME" go.tgz.asc; 		tar -C /usr/local -xzf go.tgz; 	rm go.tgz; 		if [ -n "$build" ]; then 		apk add --no-cache --virtual .build-deps 			bash 			gcc 			go 			musl-dev 		; 				export GOCACHE='/tmp/gocache'; 				( 			cd /usr/local/go/src; 			export GOROOT_BOOTSTRAP="$(go env GOROOT)" GOHOSTOS="$GOOS" GOHOSTARCH="$GOARCH"; 			if [ "${GOARCH:-}" = '386' ]; then 				export CGO_CFLAGS='-fno-stack-protector'; 			fi; 			./make.bash; 		); 				apk del --no-network .build-deps; 				rm -rf 			/usr/local/go/pkg/*/cmd 			/usr/local/go/pkg/bootstrap 			/usr/local/go/pkg/obj 			/usr/local/go/pkg/tool/*/api 			/usr/local/go/pkg/tool/*/go_bootstrap 			/usr/local/go/src/cmd/dist/dist 			"$GOCACHE" 		; 	fi; 		apk del --no-network .fetch-deps; 		go version
+/bin/sh -c #(nop)  ENV GOLANG_VERSION=1.19.9
+/bin/sh -c set -eux; 	apk add --no-cache --virtual .fetch-deps gnupg; 	arch="$(apk --print-arch)"; 	url=; 	case "$arch" in 		'x86_64') 			export GOAMD64='v1' GOARCH='amd64' GOOS='linux'; 			;; 		'armhf') 			export GOARCH='arm' GOARM='6' GOOS='linux'; 			;; 		'armv7') 			export GOARCH='arm' GOARM='7' GOOS='linux'; 			;; 		'aarch64') 			export GOARCH='arm64' GOOS='linux'; 			;; 		'x86') 			export GO386='softfloat' GOARCH='386' GOOS='linux'; 			;; 		'ppc64le') 			export GOARCH='ppc64le' GOOS='linux'; 			;; 		's390x') 			export GOARCH='s390x' GOOS='linux'; 			;; 		*) echo >&2 "error: unsupported architecture '$arch' (likely packaging update needed)"; exit 1 ;; 	esac; 	build=; 	if [ -z "$url" ]; then 		build=1; 		url='https://dl.google.com/go/go1.19.9.src.tar.gz'; 		sha256='131190a4697a70c5b1d232df5d3f55a3f9ec0e78e40516196ffb3f09ae6a5744'; 	fi; 		wget -O go.tgz.asc "$url.asc"; 	wget -O go.tgz "$url"; 	echo "$sha256 *go.tgz" | sha256sum -c -; 		GNUPGHOME="$(mktemp -d)"; export GNUPGHOME; 	gpg --batch --keyserver keyserver.ubuntu.com --recv-keys 'EB4C 1BFD 4F04 2F6D DDCC  EC91 7721 F63B D38B 4796'; 	gpg --batch --keyserver keyserver.ubuntu.com --recv-keys '2F52 8D36 D67B 69ED F998  D857 78BD 6547 3CB3 BD13'; 	gpg --batch --verify go.tgz.asc go.tgz; 	gpgconf --kill all; 	rm -rf "$GNUPGHOME" go.tgz.asc; 		tar -C /usr/local -xzf go.tgz; 	rm go.tgz; 		if [ -n "$build" ]; then 		apk add --no-cache --virtual .build-deps 			bash 			gcc 			go 			musl-dev 		; 				export GOCACHE='/tmp/gocache'; 				( 			cd /usr/local/go/src; 			export GOROOT_BOOTSTRAP="$(go env GOROOT)" GOHOSTOS="$GOOS" GOHOSTARCH="$GOARCH"; 			if [ "${GOARCH:-}" = '386' ]; then 				export CGO_CFLAGS='-fno-stack-protector'; 			fi; 			./make.bash; 		); 				apk del --no-network .build-deps; 				rm -rf 			/usr/local/go/pkg/*/cmd 			/usr/local/go/pkg/bootstrap 			/usr/local/go/pkg/obj 			/usr/local/go/pkg/tool/*/api 			/usr/local/go/pkg/tool/*/go_bootstrap 			/usr/local/go/src/cmd/dist/dist 			"$GOCACHE" 		; 	fi; 		apk del --no-network .fetch-deps; 		go version
 /bin/sh -c #(nop)  ENV GOPATH=/go
 /bin/sh -c #(nop)  ENV PATH=/go/bin:/usr/local/go/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
-/bin/sh -c mkdir -p "$GOPATH/src" "$GOPATH/bin" && chmod -R 777 "$GOPATH"
+/bin/sh -c mkdir -p "$GOPATH/src" "$GOPATH/bin" && chmod -R 1777 "$GOPATH"
 /bin/sh -c #(nop) WORKDIR /go

Ports

No different exposed ports detected

Environment Variables

The following different environment variables were detected:

-GOLANG_VERSION 1.19.2
+GOLANG_VERSION 1.19.9

Pinning FROM lines to digests makes your builds repeatable. Atomist will raise new pull requests whenever the tag moves, so that you know when the base image has been updated. You can follow a new tag at any time. Just replace the digest with the new tag you want to follow. Atomist, will switch to following this new tag.

File changed:

@atomist atomist bot added auto-merge:on-check-success Auto-merge on passed checks auto-merge-method:merge Auto-merge with merge commit auto-branch-delete:on-close Delete branch when pull request gets closed and removed auto-branch-delete:on-close Delete branch when pull request gets closed auto-merge-method:merge Auto-merge with merge commit labels Oct 14, 2022
@atomist atomist bot force-pushed the atomist/pin-docker-base-image/dockerfile branch from 0facd6e to 9a4f3c7 Compare October 26, 2022 01:24
@atomist atomist bot changed the title Re-pin Docker base image in Dockerfile Re-pin Docker base images in Dockerfile Oct 26, 2022
@atomist atomist bot force-pushed the atomist/pin-docker-base-image/dockerfile branch 5 times, most recently from c302aac to 33b8e30 Compare November 2, 2022 06:36
@atomist atomist bot force-pushed the atomist/pin-docker-base-image/dockerfile branch 5 times, most recently from f38aa25 to a13ad31 Compare November 16, 2022 06:48
@atomist atomist bot force-pushed the atomist/pin-docker-base-image/dockerfile branch 2 times, most recently from 7e4dc97 to b47931c Compare November 17, 2022 16:48
@atomist atomist bot force-pushed the atomist/pin-docker-base-image/dockerfile branch 5 times, most recently from a95c939 to c2959ff Compare December 7, 2022 22:12
@atomist atomist bot force-pushed the atomist/pin-docker-base-image/dockerfile branch from c2959ff to b4c89bc Compare December 21, 2022 23:12
@atomist atomist bot force-pushed the atomist/pin-docker-base-image/dockerfile branch 3 times, most recently from f6c22c3 to 411f71e Compare January 12, 2023 04:13
@atomist atomist bot force-pushed the atomist/pin-docker-base-image/dockerfile branch 2 times, most recently from fd089a2 to 8ed5175 Compare February 5, 2023 06:48
@atomist atomist bot force-pushed the atomist/pin-docker-base-image/dockerfile branch 3 times, most recently from 3229281 to 1917ef3 Compare April 14, 2023 05:12
@atomist atomist bot force-pushed the atomist/pin-docker-base-image/dockerfile branch 3 times, most recently from a0faaf9 to 520c76c Compare May 5, 2023 09:48
@atomist atomist bot force-pushed the atomist/pin-docker-base-image/dockerfile branch 2 times, most recently from 85ba344 to 48c5dd7 Compare May 24, 2023 16:49
@atomist atomist bot force-pushed the atomist/pin-docker-base-image/dockerfile branch 2 times, most recently from 82779e4 to 092f994 Compare June 14, 2023 22:48
@atomist atomist bot force-pushed the atomist/pin-docker-base-image/dockerfile branch from 092f994 to 8c3ee7b Compare June 22, 2023 16:24
@atomist atomist bot force-pushed the atomist/pin-docker-base-image/dockerfile branch from f0869c4 to 1ddac0b Compare July 6, 2023 04:12
@atomist atomist bot force-pushed the atomist/pin-docker-base-image/dockerfile branch from 1ddac0b to ec7419a Compare July 20, 2023 16:24
@atomist atomist bot force-pushed the atomist/pin-docker-base-image/dockerfile branch 2 times, most recently from 7681e1d to 12367ed Compare July 29, 2023 09:12
@atomist atomist bot force-pushed the atomist/pin-docker-base-image/dockerfile branch 4 times, most recently from 1047d7f to dd5157f Compare August 17, 2023 16:25
@atomist atomist bot force-pushed the atomist/pin-docker-base-image/dockerfile branch 2 times, most recently from 6e1ed83 to eed5782 Compare September 8, 2023 21:24
@atomist atomist bot force-pushed the atomist/pin-docker-base-image/dockerfile branch 2 times, most recently from 549b039 to c562b01 Compare September 21, 2023 10:24
@atomist atomist bot force-pushed the atomist/pin-docker-base-image/dockerfile branch 3 times, most recently from 96c2319 to 663b3dc Compare October 19, 2023 10:24
@atomist atomist bot force-pushed the atomist/pin-docker-base-image/dockerfile branch from 663b3dc to 1972692 Compare October 26, 2023 04:24
@atomist-bot
Re-pin Docker image node:lts
6091b19 
node:lts@sha256:b35e76ba744a975b9a5428b6c3cde1a1cf0be53b246e1e9a4874f87034222b5a
->
node:lts@sha256:5f21943fe97b24ae1740da6d7b9c56ac43fe3495acb47c1b232b0a352b02a25c

 [atomist:generated]
 [atomist-skill:atomist/docker-base-image-policy]

Signed-off-by: Atomist Bot <[email protected]>
@atomist-bot
Re-pin Docker image golang:1.19-alpine3.16
ceaf545 
golang:1.19-alpine3.16@sha256:f3e683657ddf73726b5717c2ff80cdcd9e9efb7d81f77e4948fada9a10dc7257
->
golang:1.19-alpine3.16@sha256:7d7cc4682f31c69ac36c34cdbd2a5d1963c7c007ed423b7b58b73613ae085e39

 [atomist:generated]
 [atomist-skill:atomist/docker-base-image-policy]

Signed-off-by: Atomist Bot <[email protected]>
@atomist atomist bot force-pushed the atomist/pin-docker-base-image/dockerfile branch from 1972692 to ceaf545 Compare November 1, 2023 22:36
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers
No reviews
Assignees
No one assigned
Labels
auto-merge:on-check-success Auto-merge on passed checks
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@atomist-bot