diff --git a/.changelog/2204.txt b/.changelog/2204.txt new file mode 100644 index 0000000000..6962f485a0 --- /dev/null +++ b/.changelog/2204.txt @@ -0,0 +1,3 @@ +```release-note:security +Bump Dockerfile base image for RedHat UBI `consul-k8s-control-plane` image to `ubi-minimal:9.2`. +``` diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 9ce46f1704..4fd9ae3cfd 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -162,7 +162,7 @@ jobs: if: ${{ matrix.goos == 'linux' && matrix.component == 'cli' && matrix.goarch == 'amd64'}} uses: addnab/docker-run-action@v3 with: - image: registry.access.redhat.com/ubi8/ubi:latest + image: registry.access.redhat.com/ubi9/ubi:latest options: -v ${{ github.workspace }}:/work run: | dnf install -qy openssl diff --git a/control-plane/Dockerfile b/control-plane/Dockerfile index 850cdd42c6..592398d8bc 100644 --- a/control-plane/Dockerfile +++ b/control-plane/Dockerfile @@ -117,7 +117,7 @@ CMD /bin/${BIN_NAME} # We don't rebuild the software because we want the exact checksums and # binary signatures to match the software and our builds aren't fully # reproducible currently. -FROM registry.access.redhat.com/ubi9-minimal:9.1.0 as ubi +FROM registry.access.redhat.com/ubi9-minimal:9.2 as ubi ARG PRODUCT_NAME ARG PRODUCT_VERSION