Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Re-pin Docker base image in Dockerfile #83

Merged
merged 1 commit into from
Oct 11, 2023
Merged

Re-pin Docker base image in Dockerfile #83

merged 1 commit into from
Oct 11, 2023

Conversation

atomist[bot]
Copy link
Contributor

@atomist atomist bot commented Mar 14, 2023
edited
Loading

This pull request re-pins the Docker base image alpine:edge in Dockerfile to the current digest.

skill-base/Dockerfile

Line 1 in 0265938

FROM alpine:edge@sha256:f2d1645cd73c7e54584dc225da0b5229d19223412d719669ebda764f41396853

Digest sha256:f2d1645cd73c7e54584dc225da0b5229d19223412d719669ebda764f41396853 references a multi-CPU architecture image manifest. This image supports the following architectures:

Changelog for alpine:edge

Commit

New image build caused by commit docker-library/official-images@6066110 to library/alpine:

alpine: snapshot 20230901

Comparison

Comparing Docker image alpine:edge at digests

Current sha256:5bd9939b4140caa8c716499e53438053b4e1aa872a170f4399ec71c00e23b835 (6.7mb) and
Proposed sha256:f2d1645cd73c7e54584dc225da0b5229d19223412d719669ebda764f41396853 (7.0mb):

Packages

No package differences detected

Files

The following file modifications were detected:

Name Current Proposed Diff
/bin/busybox 822kb 790kb -32kb
/bin/ed - 0b
/etc/alpine-release 19b 19b 0b
/etc/busybox-paths.d + 3.9kb
/etc/busybox-paths.d/busybox + 3.9kb
/etc/issue 75b 75b 0b
/etc/os-release 199b 199b 0b
/etc/profile 846b 950b 104b
/etc/profile.d/20locale.sh + 97b
/etc/profile.d/locale.sh - 0b
/etc/ssl/certs/ca-certificates.crt 207kb 209kb 2.7kb
/etc/ssl/misc/tsget.pl 6.6kb 6.6kb 0b
/etc/ssl/openssl.cnf 12kb 12kb 32b
/etc/ssl/openssl.cnf.dist 12kb 12kb 32b
/etc/udhcpc + 287b
/etc/udhcpc/udhcpc.conf + 287b
/lib/apk/db/installed 14kb 14kb 214b
/lib/apk/db/triggers 76b 76b 0b
/lib/ld-musl-x86_64.so.1 603kb 635kb 32kb
/lib/libapk.so.2.14.0 + 184kb
/lib/libapk.so.3.12.0 - 0b
/lib/libcrypto.so.3 3.7mb 4.1mb 402kb
/lib/libssl.so.3 588kb 532kb -56kb
/lib/libz.so.1 14b 11b -3b
/lib/libz.so.1.2.13 - 0b
/lib/libz.so.1.3 + 98kb
/sbin/apk 68kb 68kb 152b
/sbin/zcip + 12b
/usr/bin/getconf 34kb 34kb 224b
/usr/bin/getent 47kb 44kb -3.8kb
/usr/bin/iconv 24kb 24kb 72b
/usr/bin/scanelf 82kb 66kb -16kb
/usr/bin/ssl_client 14kb 14kb 32b
/usr/lib/engines-3/afalg.so 22kb 18kb -4.0kb
/usr/lib/engines-3/capi.so 14kb 14kb 16b
/usr/lib/engines-3/loader_attic.so 47kb 46kb -48b
/usr/lib/engines-3/padlock.so 22kb 22kb -48b
/usr/lib/ossl-modules/legacy.so 102kb 90kb -12kb

History

The following differences in docker history were detected:

-/bin/sh -c #(nop) ADD file:8202486f83c2c82076df2dd319507e087cea5a46fe1e30a280d100411f1c56eb in /
+/bin/sh -c #(nop) ADD file:29c14c7c2e428cb8604def76cf9e4a930cdfdc4ecab4928a051df45d6bb534cf in /
 /bin/sh -c #(nop)  CMD ["/bin/sh"]

Ports

No different exposed ports detected

Environment Variables

No different environment variables detected

Pinning FROM lines to digests makes your builds repeatable. Atomist will raise new pull requests whenever the tag moves, so that you know when the base image has been updated. You can follow a new tag at any time. Just replace the digest with the new tag you want to follow. Atomist, will switch to following this new tag.

File changed:

@atomist atomist bot added auto-merge:on-check-success Auto-merge on passed checks auto-merge-method:merge Auto-merge with merge commit auto-merge:on-approve Auto-merge on review approvals auto-branch-delete:on-close Delete branch when pull request gets closed labels Mar 14, 2023
@atomist atomist bot force-pushed the atomist/pin-docker-base-image/dockerfile branch from 3d87bc6 to 252db75 Compare March 29, 2023 19:48
@atomist atomist bot removed the auto-merge:on-approve Auto-merge on review approvals label Mar 29, 2023
@atomist-bot
Re-pin Docker image alpine:edge
0265938 
alpine:edge@sha256:5bd9939b4140caa8c716499e53438053b4e1aa872a170f4399ec71c00e23b835
->
alpine:edge@sha256:f2d1645cd73c7e54584dc225da0b5229d19223412d719669ebda764f41396853

 [atomist:generated]
 [atomist-skill:atomist/docker-base-image-policy]

Signed-off-by: Atomist Bot <[email protected]>
@atomist atomist bot force-pushed the atomist/pin-docker-base-image/dockerfile branch from 252db75 to 0265938 Compare September 2, 2023 03:48
@fdiogo
Copy link

fdiogo commented Oct 6, 2023

@cdupuis would this be good to merge? Appears to be the most recent digest for alpine:edge (confirmed manually)

@cdupuis cdupuis merged commit d4c72dc into main Oct 11, 2023
3 of 4 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
auto-branch-delete:on-close Delete branch when pull request gets closed auto-merge:on-check-success Auto-merge on passed checks auto-merge-method:merge Auto-merge with merge commit
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@fdiogo @cdupuis @atomist-bot