Contribution request: Dockerfile base_image ARG

[jameshochadel]

Is your feature request related to a problem? Please describe.

My team would like to use the oci-build-task, but we must only run container images that are built on a hardened base image in our environment. The Dockerfile uses a hardcoded base image, so we cannot use the images built upstream or build an image from the Dockerfile ourselves without modifications.

Describe the solution you'd like

Several resources maintained by Concourse, such as the registry-image-resource, parameterize the base image in their Dockerfiles using a build arg. For example: https://github.com/concourse/registry-image-resource/blob/13bcb3c09c71580d69d46d236d69d0669f9c2b6f/Dockerfile#L1

I propose changing the Dockerfile in oci-build-task to use the same approach. I am willing to submit a PR to make this change, but I wanted to propose it first. I am not sure if there are different considerations for a task in general vs a resource, or for this task in particular.

Describe alternatives you've considered

Without the base image passed as an argument, our team will need to fork the oci-build-task and maintain a modified Dockerfile. Since we've been able to build several concourse/*-resource images directly using their parameterized Dockerfiles, I hope we can do the same with this task.

Additional context

No response