Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

chore: pin docker images by hash #12517

Merged
merged 5 commits into from
Mar 9, 2023
Merged

chore: pin docker images by hash #12517

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
5 commits
Select commit Hold shift + click to select a range
a483da1
chore: pin docker images by hash
crenshaw-dev Feb 17, 2023
9b2becf
Apply suggestions from code review
crenshaw-dev Feb 28, 2023
08e9eb2
Update test/container/Dockerfile
crenshaw-dev Feb 28, 2023
9b6ddeb
Merge remote-tracking branch 'origin/master' into pin-docker-dependen…
crenshaw-dev Mar 8, 2023
d1e17f5
dependabot for each dir
crenshaw-dev Mar 8, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
25 changes: 25 additions & 0 deletions .github/dependabot.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -16,3 +16,28 @@ updates:
directory: "/ui/"
schedule:
interval: "daily"

- package-ecosystem: "docker"
directory: "/"
schedule:
interval: "daily"
crenshaw-dev marked this conversation as resolved.
Show resolved Hide resolved

- package-ecosystem: "docker"
directory: "/test/container/"
schedule:
interval: "daily"

- package-ecosystem: "docker"
directory: "/test/e2e/multiarch-container/"
schedule:
interval: "daily"

- package-ecosystem: "docker"
directory: "/test/remote/"
schedule:
interval: "daily"

- package-ecosystem: "docker"
directory: "/ui-test/"
schedule:
interval: "daily"
2 changes: 1 addition & 1 deletion .gitpod.Dockerfile
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
FROM gitpod/workspace-full
FROM gitpod/workspace-full@sha256:d5787229cd062aceae91109f1690013d3f25062916492fb7f444d13de3186178

USER root

Expand Down
8 changes: 4 additions & 4 deletions Dockerfile
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,10 +1,10 @@
ARG BASE_IMAGE=docker.io/library/ubuntu:22.04
ARG BASE_IMAGE=docker.io/library/ubuntu:22.04@sha256:9a0bdde4188b896a372804be2384015e90e3f84906b750c1a53539b585fbbe7f
####################################################################################################
# Builder image
# Initial stage which pulls prepares build dependencies and CLI tooling we need for our final image
# Also used as the image in CI jobs so needs all dependencies
####################################################################################################
FROM docker.io/library/golang:1.19 AS builder
FROM docker.io/library/golang:1.19.6@sha256:7ce31d15a3a4dbf20446cccffa4020d3a2974ad2287d96123f55caf22c7adb71 AS builder

RUN echo 'deb http://deb.debian.org/debian buster-backports main' >> /etc/apt/sources.list

Expand Down Expand Up @@ -83,7 +83,7 @@ WORKDIR /home/argocd
####################################################################################################
# Argo CD UI stage
####################################################################################################
FROM --platform=$BUILDPLATFORM docker.io/library/node:12.18.4 AS argocd-ui
FROM --platform=$BUILDPLATFORM docker.io/library/node:12.18.4@sha256:8cfe7e8dc60095a4f9d25a3f0f208503559fa033a15e2ddd87dee85bec101a2e AS argocd-ui

WORKDIR /src
COPY ["ui/package.json", "ui/yarn.lock", "./"]
Expand All @@ -101,7 +101,7 @@ RUN HOST_ARCH=$TARGETARCH NODE_ENV='production' NODE_ONLINE_ENV='online' NODE_OP
####################################################################################################
# Argo CD Build stage which performs the actual build of Argo CD binaries
####################################################################################################
FROM --platform=$BUILDPLATFORM docker.io/library/golang:1.19 AS argocd-build
FROM --platform=$BUILDPLATFORM docker.io/library/golang:1.19.6@sha256:7ce31d15a3a4dbf20446cccffa4020d3a2974ad2287d96123f55caf22c7adb71 AS argocd-build

WORKDIR /go/src/github.com/argoproj/argo-cd

Expand Down
2 changes: 1 addition & 1 deletion test/container/Dockerfile
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -13,7 +13,7 @@ FROM docker.io/library/registry:2.8@sha256:3f71055ad7c41728e381190fee5c4cf9b8f77

FROM docker.io/bitnami/kubectl:1.26@sha256:625467eb8c3a3d60232923404941c32e787eb9003e644d0fa8258b0efa7f6a7f as kubectl

FROM ubuntu:22.04@sha256:9a0bdde4188b896a372804be2384015e90e3f84906b750c1a53539b585fbbe7f
FROM docker.io/library/ubuntu:22.04@sha256:9a0bdde4188b896a372804be2384015e90e3f84906b750c1a53539b585fbbe7f

ENV DEBIAN_FRONTEND=noninteractive
RUN apt-get update && apt-get install --fix-missing -y \
Expand Down
2 changes: 1 addition & 1 deletion test/e2e/multiarch-container/Dockerfile
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,2 +1,2 @@
FROM docker.io/library/busybox
FROM docker.io/library/busybox@sha256:7b3ccabffc97de872a30dfd234fd972a66d247c8cfc69b0550f276481852627c
CMD exec sh -c "trap : TERM INT; echo 'Hi' && tail -f /dev/null"
2 changes: 1 addition & 1 deletion test/remote/Dockerfile
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
ARG BASE_IMAGE=docker.io/library/ubuntu:22.04

FROM golang:1.19 AS go
FROM docker.io/library/golang:1.19.6@sha256:7ce31d15a3a4dbf20446cccffa4020d3a2974ad2287d96123f55caf22c7adb71 AS go

RUN go install github.com/mattn/goreman@latest && \
go install github.com/kisielk/godepgraph@latest
Expand Down
2 changes: 1 addition & 1 deletion ui-test/Dockerfile
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
FROM node:12.18.4 AS node
FROM docker.io/library/node:12.18.4@sha256:8cfe7e8dc60095a4f9d25a3f0f208503559fa033a15e2ddd87dee85bec101a2e AS node

RUN apt-get update && apt-get install --no-install-recommends -y \
software-properties-common
Expand Down