From 1f62a28d2acaac8e0500e91ec7ccbc25c131acce Mon Sep 17 00:00:00 2001 From: "renovate-sh-app[bot]" <219655108+renovate-sh-app[bot]@users.noreply.github.com> Date: Sun, 14 Dec 2025 01:26:00 +0000 Subject: [PATCH] chore(deps): pin dependencies | datasource | package | from | to | | ---------- | --------------------- | ----- | ----- | | npm | @rsbuild/core | 1.4.1 | 1.4.1 | | npm | @rsbuild/plugin-react | 1.3.2 | 1.3.2 | Signed-off-by: renovate-sh-app[bot] <219655108+renovate-sh-app[bot]@users.noreply.github.com> --- .../workflows/publish-and-deploy-images.yaml | 2 +- docker-compose-cloud.yml | 14 ++++---- docker-compose-otel.yml | 30 ++++++++--------- docker-compose.yml | 32 +++++++++---------- source/docker/Dockerfile | 4 +-- source/mythical-beasts-frontend/Dockerfile | 4 +-- .../package-lock.json | 13 ++++++-- source/mythical-beasts-frontend/package.json | 4 +-- 8 files changed, 56 insertions(+), 47 deletions(-) diff --git a/.github/workflows/publish-and-deploy-images.yaml b/.github/workflows/publish-and-deploy-images.yaml index 92cfe439..9b8fa650 100644 --- a/.github/workflows/publish-and-deploy-images.yaml +++ b/.github/workflows/publish-and-deploy-images.yaml @@ -99,7 +99,7 @@ jobs: max-parallelism = 2 - name: Retrieve credentials from Vault - uses: grafana/shared-workflows/actions/get-vault-secrets@get-vault-secrets/v1.2.1 + uses: grafana/shared-workflows/actions/get-vault-secrets@9f37f656e063f0ad0b0bfc38d49894b57d363936 # get-vault-secrets/v1.2.1 with: common_secrets: | DOCKERHUB_USERNAME=dockerhub:username diff --git a/docker-compose-cloud.yml b/docker-compose-cloud.yml index f10fd306..dc526f1b 100644 --- a/docker-compose-cloud.yml +++ b/docker-compose-cloud.yml @@ -7,7 +7,7 @@ services: # auto-logs from those traces. # Includes Metrics, Logs, Traces and Profiles. alloy: - image: grafana/alloy:v1.9.1 + image: grafana/alloy:v1.9.1@sha256:b5fc87ff9a8941d6ed3ae5f099d9cb8598b3cd42fef9a8af128ed782258b4017 ports: - "12347:12345" - "12348:12348" @@ -28,7 +28,7 @@ services: # A RabbitMQ queue used to send message between the requester and the server microservices. mythical-queue: - image: rabbitmq:management + image: rabbitmq:management@sha256:9bb33c9605bf5995bc99a25ffc90b60a5ef4f65d6228b7aac81532fe6b4e29f4 restart: always ports: - "5672:5672" @@ -41,7 +41,7 @@ services: # A postgres DB used to store data by the API server microservice. mythical-database: - image: postgres:14.5 + image: postgres:14.5@sha256:135c62a8134dcef829a1e4f5568bfae44bcfa2c75659ff948f43c71964366aa4 restart: always environment: POSTGRES_PASSWORD: "mythical" @@ -57,7 +57,7 @@ services: # dockerfile: docker/Dockerfile # args: # SERVICE: mythical-beasts-requester - image: grafana/intro-to-mltp:mythical-beasts-requester-latest + image: grafana/intro-to-mltp:mythical-beasts-requester-latest@sha256:dda1ba3347f2d117a3f70686ddf9dc4198b78ce568cfa630a1634fa717850e7e restart: always depends_on: mythical-queue: @@ -84,7 +84,7 @@ services: # args: # - REACT_APP_API_URL=/api # By default, this will try and send to Alloy instead of Grafana Cloud Frontend. - image: grafana/intro-to-mltp:mythical-beasts-frontend-latest + image: grafana/intro-to-mltp:mythical-beasts-frontend-latest@sha256:ae14df367d471b4437b709e8f9bc857c77280b514c986acd69f163d03a0e44eb restart: always depends_on: mythical-server: @@ -104,7 +104,7 @@ services: # dockerfile: docker/Dockerfile # args: # SERVICE: mythical-beasts-server - image: grafana/intro-to-mltp:mythical-beasts-server-latest + image: grafana/intro-to-mltp:mythical-beasts-server-latest@sha256:90f92b40d2dfed8a647b3834ae5c8257ad7d2c08cf94d0689e98e4ad7f9c7717 restart: always ports: - "4000:4000" @@ -133,7 +133,7 @@ services: # dockerfile: docker/Dockerfile # args: # SERVICE: mythical-beasts-recorder - image: grafana/intro-to-mltp:mythical-beasts-recorder-latest + image: grafana/intro-to-mltp:mythical-beasts-recorder-latest@sha256:dae10980a1f422d659d0862275f77dca42a735681c4c65a27d78eb719190e13d restart: always depends_on: mythical-queue: diff --git a/docker-compose-otel.yml b/docker-compose-otel.yml index bf07d7da..8495ab46 100644 --- a/docker-compose-otel.yml +++ b/docker-compose-otel.yml @@ -5,7 +5,7 @@ volumes: services: # The opentelemetry-collector batches and processes traces sent to it. opentelemetry-collector: - image: otel/opentelemetry-collector-contrib + image: otel/opentelemetry-collector-contrib@sha256:b14234c4bc1b7364629af272e564913bb57bdc9736d45b8b6db5ab3417dc75f9 ports: - "12347:12345" - "12348:12348" @@ -19,7 +19,7 @@ services: # The Grafana dashboarding server. grafana: - image: grafana/grafana:12.0.2 + image: grafana/grafana:12.0.2@sha256:b5b59bfc7561634c2d7b136c4543d702ebcc94a3da477f21ff26f89ffd4214fa volumes: - "./grafana/definitions:/var/lib/grafana/dashboards" - "./grafana/provisioning:/etc/grafana/provisioning" @@ -34,7 +34,7 @@ services: # A RabbitMQ queue used to send message between the requester and the server microservices. mythical-queue: - image: rabbitmq:management + image: rabbitmq:management@sha256:9bb33c9605bf5995bc99a25ffc90b60a5ef4f65d6228b7aac81532fe6b4e29f4 restart: always ports: - "5672:5672" @@ -47,7 +47,7 @@ services: # A postgres DB used to store data by the API server microservice. mythical-database: - image: postgres:14.5 + image: postgres:14.5@sha256:135c62a8134dcef829a1e4f5568bfae44bcfa2c75659ff948f43c71964366aa4 restart: always environment: POSTGRES_PASSWORD: "mythical" @@ -63,7 +63,7 @@ services: # dockerfile: docker/Dockerfile # args: # SERVICE: mythical-beasts-requester - image: grafana/intro-to-mltp:mythical-beasts-requester-latest + image: grafana/intro-to-mltp:mythical-beasts-requester-latest@sha256:dda1ba3347f2d117a3f70686ddf9dc4198b78ce568cfa630a1634fa717850e7e restart: always depends_on: mythical-queue: @@ -91,7 +91,7 @@ services: # dockerfile: docker/Dockerfile # args: # SERVICE: mythical-beasts-server - image: grafana/intro-to-mltp:mythical-beasts-server-latest + image: grafana/intro-to-mltp:mythical-beasts-server-latest@sha256:90f92b40d2dfed8a647b3834ae5c8257ad7d2c08cf94d0689e98e4ad7f9c7717 restart: always ports: - "4000:4000" @@ -115,7 +115,7 @@ services: # dockerfile: docker/Dockerfile # args: # SERVICE: mythical-beasts-recorder - image: grafana/intro-to-mltp:mythical-beasts-recorder-latest + image: grafana/intro-to-mltp:mythical-beasts-recorder-latest@sha256:dae10980a1f422d659d0862275f77dca42a735681c4c65a27d78eb719190e13d restart: always depends_on: mythical-queue: @@ -135,7 +135,7 @@ services: # The Tempo service stores traces send to it by Grafana opentelemetry-collector, and takes # queries from Grafana to visualise those traces. tempo: - image: grafana/tempo:2.8.1 + image: grafana/tempo:2.8.1@sha256:bc9245fe3da4e63dc4c6862d9c2dad9bcd8be13d0ba4f7705fa6acda4c904d0e ports: - "3200:3200" - "55680:55680" @@ -148,7 +148,7 @@ services: # The Loki service stores logs sent to it, and takes queries from Grafana # to visualise those logs. loki: - image: grafana/loki:3.5.1 + image: grafana/loki:3.5.1@sha256:a74594532eec4cc313401beedc4dd2708c43674c032084b1aeb87c14a5be1745 command: ["--pattern-ingester.enabled=true", "-config.file=/etc/loki/loki.yaml"] ports: - "3100:3100" @@ -156,7 +156,7 @@ services: - "./loki/loki.yaml:/etc/loki/loki.yaml" mimir: - image: grafana/mimir:2.16.0 + image: grafana/mimir:2.16.0@sha256:f5850c2fd0d872fc029378558765aa79c4be66a5fca0d8c6bf0fc30971484555 command: ["-ingester.native-histograms-ingestion-enabled=true", "-config.file=/etc/mimir.yaml"] ports: - "9009:9009" @@ -164,13 +164,13 @@ services: - "./mimir/mimir.yaml:/etc/mimir.yaml" pyroscope: - image: grafana/pyroscope:1.13.5 + image: grafana/pyroscope:1.13.5@sha256:d3c3f2a97091af163d567a64f7779c832cd649aa86aeaba4cc1c0f56c0689a8d ports: - "4040:4040" command: ["server"] k6: - image: grafana/k6:0.58.0 + image: grafana/k6:0.58.0@sha256:6a4eabc37ea8274aff48804ff1add146b4eda476fdf50ea6e9cdf083a3967616 volumes: - "./k6:/scripts" environment: @@ -182,7 +182,7 @@ services: command: ["run", "-o", "experimental-prometheus-rw", "/scripts/mythical-loadtest.js"] beyla-requester: - image: grafana/beyla:2.1.0 + image: grafana/beyla:2.1.0@sha256:1614d0a995561eadb083a84ef65654f4b5351105135f41f9f2b2df59f4fa9c2f # Beyla requires to be run in the same process namespace as the process it's watching. # In Docker, we can do this by joining the namespace for the watched process with the Beyla # container watching it by using a specific `pid` label. @@ -227,7 +227,7 @@ services: condition: service_started beyla-server: - image: grafana/beyla:2.1.0 + image: grafana/beyla:2.1.0@sha256:1614d0a995561eadb083a84ef65654f4b5351105135f41f9f2b2df59f4fa9c2f # Beyla requires to be run in the same process namespace as the process it's watching. # In Docker, we can do this by joining the namespace for the watched process with the Beyla # container watching it by using a specific `pid` label. @@ -272,7 +272,7 @@ services: condition: service_started beyla-recorder: - image: grafana/beyla:2.1.0 + image: grafana/beyla:2.1.0@sha256:1614d0a995561eadb083a84ef65654f4b5351105135f41f9f2b2df59f4fa9c2f # Beyla requires to be run in the same process namespace as the process it's watching. # In Docker, we can do this by joining the namespace for the watched process with the Beyla # container watching it by using a specific `pid` label. diff --git a/docker-compose.yml b/docker-compose.yml index 9d64cbcc..56fa9913 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -7,7 +7,7 @@ services: # auto-logs from those traces. # Includes Metrics, Logs, Traces and Profiles. alloy: - image: grafana/alloy:v1.9.1 + image: grafana/alloy:v1.9.1@sha256:b5fc87ff9a8941d6ed3ae5f099d9cb8598b3cd42fef9a8af128ed782258b4017 ports: - "12350:12350" - "12347:12345" @@ -28,7 +28,7 @@ services: # The Grafana dashboarding server. grafana: - image: grafana/grafana:12.0.2 + image: grafana/grafana:12.0.2@sha256:b5b59bfc7561634c2d7b136c4543d702ebcc94a3da477f21ff26f89ffd4214fa volumes: - "./grafana/definitions:/var/lib/grafana/dashboards" - "./grafana/provisioning:/etc/grafana/provisioning" @@ -43,7 +43,7 @@ services: # A RabbitMQ queue used to send message between the requester and the server microservices. mythical-queue: - image: rabbitmq:management + image: rabbitmq:management@sha256:9bb33c9605bf5995bc99a25ffc90b60a5ef4f65d6228b7aac81532fe6b4e29f4 restart: always ports: - "5672:5672" @@ -56,7 +56,7 @@ services: # A postgres DB used to store data by the API server microservice. mythical-database: - image: postgres:14.5 + image: postgres:14.5@sha256:135c62a8134dcef829a1e4f5568bfae44bcfa2c75659ff948f43c71964366aa4 restart: always environment: POSTGRES_PASSWORD: "mythical" @@ -72,7 +72,7 @@ services: # dockerfile: docker/Dockerfile # args: # SERVICE: mythical-beasts-requester - image: grafana/intro-to-mltp:mythical-beasts-requester-latest + image: grafana/intro-to-mltp:mythical-beasts-requester-latest@sha256:dda1ba3347f2d117a3f70686ddf9dc4198b78ce568cfa630a1634fa717850e7e restart: always depends_on: mythical-queue: @@ -103,7 +103,7 @@ services: # dockerfile: docker/Dockerfile # args: # SERVICE: mythical-beasts-server - image: grafana/intro-to-mltp:mythical-beasts-server-latest + image: grafana/intro-to-mltp:mythical-beasts-server-latest@sha256:90f92b40d2dfed8a647b3834ae5c8257ad7d2c08cf94d0689e98e4ad7f9c7717 restart: always ports: - "4000:4000" @@ -132,7 +132,7 @@ services: # dockerfile: docker/Dockerfile # args: # SERVICE: mythical-beasts-recorder - image: grafana/intro-to-mltp:mythical-beasts-recorder-latest + image: grafana/intro-to-mltp:mythical-beasts-recorder-latest@sha256:dae10980a1f422d659d0862275f77dca42a735681c4c65a27d78eb719190e13d restart: always depends_on: mythical-queue: @@ -156,7 +156,7 @@ services: # dockerfile: Dockerfile # args: # - REACT_APP_API_URL=/api - image: grafana/intro-to-mltp:mythical-beasts-frontend-latest + image: grafana/intro-to-mltp:mythical-beasts-frontend-latest@sha256:ae14df367d471b4437b709e8f9bc857c77280b514c986acd69f163d03a0e44eb restart: always depends_on: mythical-server: @@ -169,7 +169,7 @@ services: # The Tempo service stores traces send to it by Grafana Alloy, and takes # queries from Grafana to visualise those traces. tempo: - image: grafana/tempo:2.8.1 + image: grafana/tempo:2.8.1@sha256:bc9245fe3da4e63dc4c6862d9c2dad9bcd8be13d0ba4f7705fa6acda4c904d0e ports: - "3200:3200" - "9411:9411" @@ -183,7 +183,7 @@ services: # The Loki service stores logs sent to it, and takes queries from Grafana # to visualise those logs. loki: - image: grafana/loki:3.5.1 + image: grafana/loki:3.5.1@sha256:a74594532eec4cc313401beedc4dd2708c43674c032084b1aeb87c14a5be1745 command: ["--pattern-ingester.enabled=true", "-config.file=/etc/loki/loki.yaml"] ports: - "3100:3100" @@ -191,7 +191,7 @@ services: - "./loki/loki.yaml:/etc/loki/loki.yaml" mimir: - image: grafana/mimir:2.16.0 + image: grafana/mimir:2.16.0@sha256:f5850c2fd0d872fc029378558765aa79c4be66a5fca0d8c6bf0fc30971484555 command: ["-ingester.native-histograms-ingestion-enabled=true", "-config.file=/etc/mimir.yaml"] ports: - "9009:9009" @@ -199,7 +199,7 @@ services: - "./mimir/mimir.yaml:/etc/mimir.yaml" k6: - image: grafana/k6:0.58.0 + image: grafana/k6:0.58.0@sha256:6a4eabc37ea8274aff48804ff1add146b4eda476fdf50ea6e9cdf083a3967616 volumes: - "./k6:/scripts" environment: @@ -211,13 +211,13 @@ services: command: ["run", "-o", "experimental-prometheus-rw", "/scripts/mythical-loadtest.js"] pyroscope: - image: grafana/pyroscope:1.13.5 + image: grafana/pyroscope:1.13.5@sha256:d3c3f2a97091af163d567a64f7779c832cd649aa86aeaba4cc1c0f56c0689a8d ports: - "4040:4040" command: ["server"] beyla-requester: - image: grafana/beyla:2.1.0 + image: grafana/beyla:2.1.0@sha256:1614d0a995561eadb083a84ef65654f4b5351105135f41f9f2b2df59f4fa9c2f # Beyla requires to be run in the same process namespace as the process it's watching. # In Docker, we can do this by joining the namespace for the watched process with the Beyla # container watching it by using a specific `pid` label. @@ -261,7 +261,7 @@ services: condition: service_started beyla-server: - image: grafana/beyla:2.1.0 + image: grafana/beyla:2.1.0@sha256:1614d0a995561eadb083a84ef65654f4b5351105135f41f9f2b2df59f4fa9c2f # Beyla requires to be run in the same process namespace as the process it's watching. # In Docker, we can do this by joining the namespace for the watched process with the Beyla # container watching it by using a specific `pid` label. @@ -305,7 +305,7 @@ services: condition: service_started beyla-recorder: - image: grafana/beyla:2.1.0 + image: grafana/beyla:2.1.0@sha256:1614d0a995561eadb083a84ef65654f4b5351105135f41f9f2b2df59f4fa9c2f # Beyla requires to be run in the same process namespace as the process it's watching. # In Docker, we can do this by joining the namespace for the watched process with the Beyla # container watching it by using a specific `pid` label. diff --git a/source/docker/Dockerfile b/source/docker/Dockerfile index 509538e6..7908156e 100644 --- a/source/docker/Dockerfile +++ b/source/docker/Dockerfile @@ -1,5 +1,5 @@ # Multistage build - allows for smaller final images post Python build -FROM node:23-alpine3.20 AS builder +FROM node:23-alpine3.20@sha256:78d6e102e0889545bcf80ded837034f485ba7f7ebe09211d0f2d383082a7a047 AS builder ARG SERVICE WORKDIR /usr/src/app @@ -22,7 +22,7 @@ RUN npm install --production \ && rm -rf /tmp/* # Create a slimmer image using the built node_modules -FROM node:23-alpine3.20 +FROM node:23-alpine3.20@sha256:78d6e102e0889545bcf80ded837034f485ba7f7ebe09211d0f2d383082a7a047 ARG SERVICE WORKDIR /usr/src/app diff --git a/source/mythical-beasts-frontend/Dockerfile b/source/mythical-beasts-frontend/Dockerfile index 9756ec01..252d3d2d 100644 --- a/source/mythical-beasts-frontend/Dockerfile +++ b/source/mythical-beasts-frontend/Dockerfile @@ -1,5 +1,5 @@ # Build stage -FROM node:18-alpine AS build +FROM node:18-alpine@sha256:8d6421d663b4c28fd3ebc498332f249011d118945588d0a35cb9bc4b8ca09d9e AS build # Accept build arguments (only keep API URL for build-time configuration) ARG REACT_APP_API_URL @@ -22,7 +22,7 @@ COPY . . RUN npm run build # Production stage -FROM nginx:alpine +FROM nginx:alpine@sha256:052b75ab72f690f33debaa51c7e08d9b969a0447a133eb2b99cc905d9188cb2b # Copy custom nginx config COPY nginx.conf /etc/nginx/nginx.conf diff --git a/source/mythical-beasts-frontend/package-lock.json b/source/mythical-beasts-frontend/package-lock.json index c9782627..402ef927 100644 --- a/source/mythical-beasts-frontend/package-lock.json +++ b/source/mythical-beasts-frontend/package-lock.json @@ -15,8 +15,8 @@ "react-dom": "^18.2.0" }, "devDependencies": { - "@rsbuild/core": "^1.0.0", - "@rsbuild/plugin-react": "^1.0.0", + "@rsbuild/core": "1.4.1", + "@rsbuild/plugin-react": "1.3.2", "@types/react": "^18.2.0", "@types/react-dom": "^18.2.0" } @@ -158,6 +158,7 @@ "version": "1.9.0", "resolved": "https://registry.npmjs.org/@opentelemetry/api/-/api-1.9.0.tgz", "integrity": "sha512-3giAOQvZiH5F9bMlMiv8+GSPMeqg0dbaeo58/0SlA9sxSqZhnUtxzX9/2FzyhS9sWQf5S0GJE0AKBrFqjpeYcg==", + "peer": true, "engines": { "node": ">=8.0.0" } @@ -436,6 +437,8 @@ "resolved": "https://registry.npmjs.org/@rsbuild/core/-/core-1.4.1.tgz", "integrity": "sha512-zNCfuTtQq3CyO1Hf5AaAHftdD/Py9j3grwGSsA5wUp1DR9GX4D3lCZGvc5xDnSQvEu+BADiN5wZ3HTn1HQNDkQ==", "dev": true, + "license": "MIT", + "peer": true, "dependencies": { "@rspack/core": "1.4.1", "@rspack/lite-tapable": "~1.0.1", @@ -455,6 +458,7 @@ "resolved": "https://registry.npmjs.org/@rsbuild/plugin-react/-/plugin-react-1.3.2.tgz", "integrity": "sha512-H4blXmgvVOrQlVy4ZfJ5IGfQIF5uKwtkGzwVnEsn1HN7DRRI9VlFrcuXj6+e3GigvYxg6TDHAAUJi6FoIGbnKQ==", "dev": true, + "license": "MIT", "dependencies": { "@rspack/plugin-react-refresh": "~1.4.3", "react-refresh": "^0.17.0" @@ -666,6 +670,7 @@ "resolved": "https://registry.npmjs.org/@swc/helpers/-/helpers-0.5.17.tgz", "integrity": "sha512-5IKx/Y13RsYd+sauPb2x+U/xZikHjolzfuDgTAl/Tdf3Q8rslRvC19NKDLgAJQ6wsqADk10ntlv08nPFw/gO/A==", "dev": true, + "peer": true, "dependencies": { "tslib": "^2.8.0" } @@ -699,6 +704,7 @@ "resolved": "https://registry.npmjs.org/@types/react/-/react-18.3.23.tgz", "integrity": "sha512-/LDXMQh55EzZQ0uVAZmKKhfENivEvWz6E+EYzh+/MCjMhNsotd+ZHhBGIjFDTi6+fz0OhQQQLbTgdQIxxCsC0w==", "dev": true, + "peer": true, "dependencies": { "@types/prop-types": "*", "csstype": "^3.0.2" @@ -722,6 +728,7 @@ "version": "8.15.0", "resolved": "https://registry.npmjs.org/acorn/-/acorn-8.15.0.tgz", "integrity": "sha512-NZyJarBfL7nWwIq+FDL6Zp/yHEhePMNnnJ0y3qfieCrmNvYct8uvtiV41UvlSe6apAfk0fY1FbWx+NwfmpvtTg==", + "peer": true, "bin": { "acorn": "bin/acorn" }, @@ -1153,6 +1160,7 @@ "version": "18.3.1", "resolved": "https://registry.npmjs.org/react/-/react-18.3.1.tgz", "integrity": "sha512-wS+hAgJShR0KhEvPJArfuPVN1+Hz1t0Y6n5jLrGQbkb4urgPE/0Rve+1kMB1v/oWgHgm4WIcV+i7F2pTVj+2iQ==", + "peer": true, "dependencies": { "loose-envify": "^1.1.0" }, @@ -1177,6 +1185,7 @@ "resolved": "https://registry.npmjs.org/react-refresh/-/react-refresh-0.17.0.tgz", "integrity": "sha512-z6F7K9bV85EfseRCp2bzrpyQ0Gkw1uLoCel9XBVWPg/TjRj94SkJzUTGfOa4bs7iJvBWtQG0Wq7wnI0syw3EBQ==", "dev": true, + "peer": true, "engines": { "node": ">=0.10.0" } diff --git a/source/mythical-beasts-frontend/package.json b/source/mythical-beasts-frontend/package.json index abea1819..e19df99c 100644 --- a/source/mythical-beasts-frontend/package.json +++ b/source/mythical-beasts-frontend/package.json @@ -11,8 +11,8 @@ "react-dom": "^18.2.0" }, "devDependencies": { - "@rsbuild/core": "^1.0.0", - "@rsbuild/plugin-react": "^1.0.0", + "@rsbuild/core": "1.4.1", + "@rsbuild/plugin-react": "1.3.2", "@types/react": "^18.2.0", "@types/react-dom": "^18.2.0" },