diff --git a/Dockerfile.cli-stack.rh b/Dockerfile.cli-stack.rh index f552839b60..d26ff8b768 100644 --- a/Dockerfile.cli-stack.rh +++ b/Dockerfile.cli-stack.rh @@ -8,7 +8,7 @@ FROM --platform=linux/arm64 quay.io/securesign/trillian-updatetree@sha256:f95d FROM --platform=linux/ppc64le quay.io/securesign/trillian-updatetree@sha256:02247a33df9109b5c4598730d0a61546ab766f3dee9bfa270b99acd331b86a1d AS updatetree-ppc64le FROM --platform=linux/s390x quay.io/securesign/trillian-updatetree@sha256:d316d332bb6c106b18ba6f7b1ca4bbda5d0fc376c29b978323c55da75c5650df AS updatetree-s390x -FROM registry.redhat.io/ubi9/go-toolset:9.7-1777898790@sha256:59ec4752cf86f0d0dd240b9e29c64d6ee560c28fc986171e126db1db216a246a AS packager +FROM registry.redhat.io/ubi9/go-toolset:9.7-1778171507@sha256:f9c8537423d96da6c0e704a7d40a1bd5401c4287a05c7f7f196550a5a375a6b6 AS packager USER root RUN mkdir -p /binaries @@ -87,7 +87,7 @@ RUN gzip -d /tmp/updatetree-windows-amd64.exe.gz && \ rm /tmp/updatetree-windows-amd64.exe # Final minimal image with all binaries -FROM registry.redhat.io/ubi9/ubi-minimal@sha256:8d0a8fb39ec907e8ca62cdd24b62a63ca49a30fe465798a360741fde58437a23 +FROM registry.redhat.io/ubi9/ubi-minimal@sha256:b9b10f42d7eba7ad4a6d5ef26b7d34fdc892b2ffe59b8d0372ec884008569eb6 LABEL description="Flat image containing createtree and updatetree CLI binaries for all platforms and architectures" LABEL io.k8s.description="Flat image containing createtree and updatetree CLI binaries for all platforms and architectures" diff --git a/Dockerfile.createtree.rh b/Dockerfile.createtree.rh index 41d378b480..b7c1c3e84a 100644 --- a/Dockerfile.createtree.rh +++ b/Dockerfile.createtree.rh @@ -1,4 +1,4 @@ -FROM registry.redhat.io/ubi9/go-toolset:9.7-1777898790@sha256:59ec4752cf86f0d0dd240b9e29c64d6ee560c28fc986171e126db1db216a246a AS build +FROM registry.redhat.io/ubi9/go-toolset:9.7-1778171507@sha256:f9c8537423d96da6c0e704a7d40a1bd5401c4287a05c7f7f196550a5a375a6b6 AS build ENV APP_ROOT=/opt/app-root \ GOPATH=/opt/app-root \ CGO_ENABLED=1 \ @@ -19,7 +19,7 @@ RUN go mod download && \ gzip createtree-windows-amd64.exe # Multi-Stage production build -FROM registry.access.redhat.com/ubi9/ubi-minimal@sha256:8d0a8fb39ec907e8ca62cdd24b62a63ca49a30fe465798a360741fde58437a23 AS deploy +FROM registry.access.redhat.com/ubi9/ubi-minimal@sha256:b9b10f42d7eba7ad4a6d5ef26b7d34fdc892b2ffe59b8d0372ec884008569eb6 AS deploy # Add license file COPY LICENSE /licenses/LICENSE diff --git a/Dockerfile.database.rh b/Dockerfile.database.rh index 80dd1ae22b..71f9bbc9d2 100644 --- a/Dockerfile.database.rh +++ b/Dockerfile.database.rh @@ -1,4 +1,4 @@ -FROM registry.redhat.io/rhel9/mariadb-105@sha256:04b4c4d865e6d56d44e6bad3e100ae14e66052ee0ea84368c74b014b883647e4 +FROM registry.redhat.io/rhel9/mariadb-105@sha256:382c2a0069b9799a1bff19c4f20380005099581e2cd16d7e80fa3518bb31e9ae USER root diff --git a/Dockerfile.logserver.rh b/Dockerfile.logserver.rh index 78b8799e13..d47e72afd9 100644 --- a/Dockerfile.logserver.rh +++ b/Dockerfile.logserver.rh @@ -1,4 +1,4 @@ -FROM registry.redhat.io/ubi9/go-toolset:9.7-1777898790@sha256:59ec4752cf86f0d0dd240b9e29c64d6ee560c28fc986171e126db1db216a246a AS builder +FROM registry.redhat.io/ubi9/go-toolset:9.7-1778171507@sha256:f9c8537423d96da6c0e704a7d40a1bd5401c4287a05c7f7f196550a5a375a6b6 AS builder ENV APP_ROOT=/opt/app-root ENV GOPATH=$APP_ROOT ENV CGO_ENABLED=1 @@ -16,7 +16,7 @@ ADD ./ $APP_ROOT/src/ RUN go build -mod=mod -v ./cmd/trillian_log_server # Multi-Stage production build -FROM registry.access.redhat.com/ubi9/ubi-minimal@sha256:8d0a8fb39ec907e8ca62cdd24b62a63ca49a30fe465798a360741fde58437a23 AS deploy +FROM registry.access.redhat.com/ubi9/ubi-minimal@sha256:b9b10f42d7eba7ad4a6d5ef26b7d34fdc892b2ffe59b8d0372ec884008569eb6 AS deploy # Retrieve the binary from the previous stage COPY --from=builder /opt/app-root/src/trillian_log_server / diff --git a/Dockerfile.logsigner.rh b/Dockerfile.logsigner.rh index 0bb168677a..c71ed00706 100644 --- a/Dockerfile.logsigner.rh +++ b/Dockerfile.logsigner.rh @@ -1,4 +1,4 @@ -FROM registry.redhat.io/ubi9/go-toolset:9.7-1777898790@sha256:59ec4752cf86f0d0dd240b9e29c64d6ee560c28fc986171e126db1db216a246a AS builder +FROM registry.redhat.io/ubi9/go-toolset:9.7-1778171507@sha256:f9c8537423d96da6c0e704a7d40a1bd5401c4287a05c7f7f196550a5a375a6b6 AS builder ENV APP_ROOT=/opt/app-root ENV GOPATH=$APP_ROOT ENV CGO_ENABLED=1 @@ -16,7 +16,7 @@ ADD ./ $APP_ROOT/src/ RUN go build -mod=mod -v ./cmd/trillian_log_signer # Multi-Stage production build -FROM registry.access.redhat.com/ubi9/ubi-minimal@sha256:8d0a8fb39ec907e8ca62cdd24b62a63ca49a30fe465798a360741fde58437a23 AS deploy +FROM registry.access.redhat.com/ubi9/ubi-minimal@sha256:b9b10f42d7eba7ad4a6d5ef26b7d34fdc892b2ffe59b8d0372ec884008569eb6 AS deploy # Retrieve the binary from the previous stage COPY --from=builder /opt/app-root/src/trillian_log_signer / diff --git a/Dockerfile.netcat.rh b/Dockerfile.netcat.rh index c0ea6623e1..8b3b3adbe3 100644 --- a/Dockerfile.netcat.rh +++ b/Dockerfile.netcat.rh @@ -1,4 +1,4 @@ -FROM registry.access.redhat.com/ubi9/ubi-minimal@sha256:8d0a8fb39ec907e8ca62cdd24b62a63ca49a30fe465798a360741fde58437a23 +FROM registry.access.redhat.com/ubi9/ubi-minimal@sha256:b9b10f42d7eba7ad4a6d5ef26b7d34fdc892b2ffe59b8d0372ec884008569eb6 LABEL description="Netcat is a computer networking utility for reading from and writing to network connections using TCP or UDP." LABEL io.k8s.description="netcat is a computer networking utility for reading from and writing to network connections using TCP or UDP." diff --git a/Dockerfile.redis.rh b/Dockerfile.redis.rh index ec2b2ab9b6..9019255492 100644 --- a/Dockerfile.redis.rh +++ b/Dockerfile.redis.rh @@ -1,4 +1,4 @@ -FROM registry.redhat.io/rhel9/redis-6@sha256:7cd55174d27b41f59c2a0831cc31a5557a90f81d51f30c1e26232303898671ea +FROM registry.redhat.io/rhel9/redis-6@sha256:0a73c6d05423299c3f1997d875672935a4e5106b726a92c0da87a16e48a37730 LABEL description="Securesign redis is built ontop of rhel9/redis-6 but accepts external connections and runs appendonly mode with full durability." LABEL io.k8s.description="Securesign redis is built ontop of rhel9/redis-6 but accepts external connections and runs appendonly mode with full durability." diff --git a/Dockerfile.updatetree.rh b/Dockerfile.updatetree.rh index e81784182e..aa73f0c29f 100644 --- a/Dockerfile.updatetree.rh +++ b/Dockerfile.updatetree.rh @@ -1,4 +1,4 @@ -FROM registry.redhat.io/ubi9/go-toolset:9.7-1777898790@sha256:59ec4752cf86f0d0dd240b9e29c64d6ee560c28fc986171e126db1db216a246a AS build +FROM registry.redhat.io/ubi9/go-toolset:9.7-1778171507@sha256:f9c8537423d96da6c0e704a7d40a1bd5401c4287a05c7f7f196550a5a375a6b6 AS build ENV APP_ROOT=/opt/app-root \ GOPATH=/opt/app-root \ CGO_ENABLED=1 \ @@ -19,7 +19,7 @@ RUN go mod download && \ gzip updatetree-windows-amd64.exe # Multi-Stage production build -FROM registry.access.redhat.com/ubi9/ubi-minimal@sha256:8d0a8fb39ec907e8ca62cdd24b62a63ca49a30fe465798a360741fde58437a23 AS deploy +FROM registry.access.redhat.com/ubi9/ubi-minimal@sha256:b9b10f42d7eba7ad4a6d5ef26b7d34fdc892b2ffe59b8d0372ec884008569eb6 AS deploy # Add license file COPY LICENSE /licenses/LICENSE diff --git a/examples/deployment/docker/db_server/Dockerfile b/examples/deployment/docker/db_server/Dockerfile index f62dae560a..83a1e79dbc 100644 --- a/examples/deployment/docker/db_server/Dockerfile +++ b/examples/deployment/docker/db_server/Dockerfile @@ -1,4 +1,4 @@ -FROM mysql:9.7@sha256:cf40d2c53b86849a8d31bc5784d74a7c3a7b5545f4e5d67691ce8fa19dbf080b +FROM mysql:9.7@sha256:f0ef1d92fa650fcfa5b85f1d82bb1a56a6dd579bf256b8f8f2a5a0b1b61c8b0b # TODO(roger2hk): Uncomment the below OS-level packages patch command as this is a temporary workaround to bypass the mysql8 gpg key rotation issue. diff --git a/examples/deployment/docker/db_server/postgresql/Dockerfile b/examples/deployment/docker/db_server/postgresql/Dockerfile index 0664c5a950..8572e16e76 100644 --- a/examples/deployment/docker/db_server/postgresql/Dockerfile +++ b/examples/deployment/docker/db_server/postgresql/Dockerfile @@ -1,4 +1,4 @@ -FROM postgres:17.9@sha256:5b96f1a16bd9768b060dd2ffe55cb6225c4d9ef4d214a8b21eb08134869a97e4 +FROM postgres:17.9@sha256:347bc4e64006d47bb255b0e28652d08590260a5e97f6b55f6ba1c0b31aef58b3 # expects the build context to be: $GOPATH/src/github.com/google/trillian COPY storage/postgresql/schema/storage.sql /docker-entrypoint-initdb.d/storage.sql