From f2c9ddc717ced4dfc94ce0d4f718c9891423654f Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Thu, 25 Apr 2024 16:43:59 +0000 Subject: [PATCH] chore(deps): pin dependencies --- .github/workflows/dependabot_automerge.yml | 4 ++-- .github/workflows/gobuild.yml | 2 +- aws-sam-container/app/Dockerfile | 6 +++--- cloud-run/Dockerfile | 4 ++-- docker-nginx-loadbalancer/Dockerfile | 2 +- fiber-colly-gorm/app/Dockerfile | 2 +- fiber-envoy-extauthz/app/Dockerfile | 4 ++-- fiber-envoy-extauthz/authz/Dockerfile | 4 ++-- gcloud-firebase/Dockerfile | 2 +- gcloud/Dockerfile | 2 +- k8s/Dockerfile | 4 ++-- react-router/Dockerfile | 2 +- todo-app-with-auth-gorm/Dockerfile | 4 ++-- url-shortener-api/api/Dockerfile | 4 ++-- url-shortener-api/db/Dockerfile | 2 +- 15 files changed, 24 insertions(+), 24 deletions(-) diff --git a/.github/workflows/dependabot_automerge.yml b/.github/workflows/dependabot_automerge.yml index 76663cb923..fbfb121e03 100644 --- a/.github/workflows/dependabot_automerge.yml +++ b/.github/workflows/dependabot_automerge.yml @@ -12,7 +12,7 @@ jobs: if: ${{ github.actor == 'dependabot[bot]' }} steps: - name: Wait for check is finished - uses: lewagon/wait-on-check-action@v1.3.1 + uses: lewagon/wait-on-check-action@e106e5c43e8ca1edea6383a39a01c5ca495fd812 # v1.3.1 id: wait_for_checks with: ref: ${{ github.event.pull_request.head.sha || github.sha }} @@ -28,7 +28,7 @@ jobs: steps: - name: Dependabot metadata id: metadata - uses: dependabot/fetch-metadata@v1.6.0 + uses: dependabot/fetch-metadata@c9c4182bf1b97f5224aee3906fd373f6b61b4526 # v1.6.0 with: github-token: "${{ secrets.PR_TOKEN }}" - name: Enable auto-merge for Dependabot PRs diff --git a/.github/workflows/gobuild.yml b/.github/workflows/gobuild.yml index b4e645634f..212dd13e42 100644 --- a/.github/workflows/gobuild.yml +++ b/.github/workflows/gobuild.yml @@ -23,7 +23,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Fetch Repository - uses: actions/checkout@v4 + uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4 with: fetch-depth: 0 # Fetch all history so diffs can be performed diff --git a/aws-sam-container/app/Dockerfile b/aws-sam-container/app/Dockerfile index 8c970ed85a..66251ed43d 100644 --- a/aws-sam-container/app/Dockerfile +++ b/aws-sam-container/app/Dockerfile @@ -1,4 +1,4 @@ -FROM golang:1.20 as build-env +FROM golang:1.20@sha256:8f9af7094d0cb27cc783c697ac5ba25efdc4da35f8526db21f7aebb0b0b4f18a as build-env WORKDIR /go/src/app @@ -6,9 +6,9 @@ COPY . . RUN CGO_ENABLED=0 go build -ldflags "-s -w" -o /go/bin/app -FROM gcr.io/distroless/static-debian11:latest +FROM gcr.io/distroless/static-debian11:latest@sha256:6d31326376a7834b106f281b04f67b5d015c31732f594930f2ea81365f99d60c -COPY --from=public.ecr.aws/awsguru/aws-lambda-adapter:0.7.0 /lambda-adapter /opt/extensions/lambda-adapter +COPY --from=public.ecr.aws/awsguru/aws-lambda-adapter:0.7.0@sha256:c82920b82cd7fc20febf8bd608e907610bb32015edaf0fd6c065138d17125c12 /lambda-adapter /opt/extensions/lambda-adapter COPY --from=build-env /go/bin/app / ENV PORT=3000 diff --git a/cloud-run/Dockerfile b/cloud-run/Dockerfile index cbc8fd36d7..a58051c0fe 100644 --- a/cloud-run/Dockerfile +++ b/cloud-run/Dockerfile @@ -1,4 +1,4 @@ -FROM golang as build-go +FROM golang@sha256:d5302d40dc5fbbf38ec472d1848a9d2391a13f93293a6a5b0b87c99dc0eaa6ae as build-go WORKDIR /cloud-run-example COPY go.mod . COPY go.sum . @@ -6,7 +6,7 @@ RUN go mod download COPY . . RUN CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build -o /bin/cloud-run-example . -FROM alpine:latest +FROM alpine:latest@sha256:c5b1261d6d3e43071626931fc004f70149baeba2c8ec672bd4f27761f8e1ad6b RUN addgroup -S cloud-run-example && adduser -S cloud-run-example -G cloud-run-example USER cloud-run-example WORKDIR /home/cloud-run-example diff --git a/docker-nginx-loadbalancer/Dockerfile b/docker-nginx-loadbalancer/Dockerfile index 757eb732fb..1d72cdb1ca 100644 --- a/docker-nginx-loadbalancer/Dockerfile +++ b/docker-nginx-loadbalancer/Dockerfile @@ -1,5 +1,5 @@ # STEP 1 build executable binary -FROM golang:alpine AS builder +FROM golang:alpine@sha256:cdc86d9f363e8786845bea2040312b4efa321b828acdeb26f393faa864d887b0 AS builder RUN adduser -D -g '' appuser RUN mkdir /app diff --git a/fiber-colly-gorm/app/Dockerfile b/fiber-colly-gorm/app/Dockerfile index 645f34d933..ab4979787c 100644 --- a/fiber-colly-gorm/app/Dockerfile +++ b/fiber-colly-gorm/app/Dockerfile @@ -1,4 +1,4 @@ -FROM golang:1.20 +FROM golang:1.20@sha256:8f9af7094d0cb27cc783c697ac5ba25efdc4da35f8526db21f7aebb0b0b4f18a RUN apt update && apt upgrade -y &&\ apt install -y git diff --git a/fiber-envoy-extauthz/app/Dockerfile b/fiber-envoy-extauthz/app/Dockerfile index c70fca1c00..e8d6015c0b 100644 --- a/fiber-envoy-extauthz/app/Dockerfile +++ b/fiber-envoy-extauthz/app/Dockerfile @@ -1,4 +1,4 @@ -FROM golang:alpine AS builder +FROM golang:alpine@sha256:cdc86d9f363e8786845bea2040312b4efa321b828acdeb26f393faa864d887b0 AS builder WORKDIR /bin COPY go.mod . COPY go.sum . @@ -6,7 +6,7 @@ RUN go mod download COPY main.go . RUN CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build -o app main.go -FROM alpine:latest AS final +FROM alpine:latest@sha256:c5b1261d6d3e43071626931fc004f70149baeba2c8ec672bd4f27761f8e1ad6b AS final WORKDIR / COPY --from=builder /bin/app ./ EXPOSE 3000 diff --git a/fiber-envoy-extauthz/authz/Dockerfile b/fiber-envoy-extauthz/authz/Dockerfile index d1c3587e89..c6a1c9e40e 100644 --- a/fiber-envoy-extauthz/authz/Dockerfile +++ b/fiber-envoy-extauthz/authz/Dockerfile @@ -1,4 +1,4 @@ -FROM golang:alpine AS builder +FROM golang:alpine@sha256:cdc86d9f363e8786845bea2040312b4efa321b828acdeb26f393faa864d887b0 AS builder WORKDIR /bin COPY go.mod . COPY go.sum . @@ -6,7 +6,7 @@ RUN go mod download COPY main.go . RUN CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build -o app main.go -FROM alpine:latest AS final +FROM alpine:latest@sha256:c5b1261d6d3e43071626931fc004f70149baeba2c8ec672bd4f27761f8e1ad6b AS final WORKDIR / COPY --from=builder /bin/app ./ EXPOSE 1337 diff --git a/gcloud-firebase/Dockerfile b/gcloud-firebase/Dockerfile index 4bbff01168..98323e842e 100644 --- a/gcloud-firebase/Dockerfile +++ b/gcloud-firebase/Dockerfile @@ -14,7 +14,7 @@ RUN CGO_ENABLED=0 GOOS=linux go build -v -o app cmd/main.go # Use a Docker multi-stage build to create a lean production image. # https://docs.docker.com/develop/develop-images/multistage-build/#use-multi-stage-builds -FROM alpine +FROM alpine@sha256:c5b1261d6d3e43071626931fc004f70149baeba2c8ec672bd4f27761f8e1ad6b RUN apk add --no-cache ca-certificates # Copy the binary to the production image from the builder stage. diff --git a/gcloud/Dockerfile b/gcloud/Dockerfile index 4bbff01168..98323e842e 100644 --- a/gcloud/Dockerfile +++ b/gcloud/Dockerfile @@ -14,7 +14,7 @@ RUN CGO_ENABLED=0 GOOS=linux go build -v -o app cmd/main.go # Use a Docker multi-stage build to create a lean production image. # https://docs.docker.com/develop/develop-images/multistage-build/#use-multi-stage-builds -FROM alpine +FROM alpine@sha256:c5b1261d6d3e43071626931fc004f70149baeba2c8ec672bd4f27761f8e1ad6b RUN apk add --no-cache ca-certificates # Copy the binary to the production image from the builder stage. diff --git a/k8s/Dockerfile b/k8s/Dockerfile index a00d082242..1e8dec6617 100644 --- a/k8s/Dockerfile +++ b/k8s/Dockerfile @@ -1,4 +1,4 @@ -FROM golang AS builder +FROM golang@sha256:d5302d40dc5fbbf38ec472d1848a9d2391a13f93293a6a5b0b87c99dc0eaa6ae AS builder WORKDIR /k8s-example COPY go.mod . COPY go.sum . @@ -6,7 +6,7 @@ RUN go mod download COPY . . RUN CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build -o /bin/k8s-example . -FROM alpine:latest +FROM alpine:latest@sha256:c5b1261d6d3e43071626931fc004f70149baeba2c8ec672bd4f27761f8e1ad6b RUN apk --no-cache add ca-certificates RUN addgroup -S k8s-example && adduser -S k8s-example -G k8s-example USER k8s-example diff --git a/react-router/Dockerfile b/react-router/Dockerfile index 5e2e002717..89616b294b 100644 --- a/react-router/Dockerfile +++ b/react-router/Dockerfile @@ -34,7 +34,7 @@ COPY ./web . RUN yarn build # Last stage: discard everything except our executables. -FROM alpine:latest AS prod +FROM alpine:latest@sha256:c5b1261d6d3e43071626931fc004f70149baeba2c8ec672bd4f27761f8e1ad6b AS prod # Set our next working directory. WORKDIR /build diff --git a/todo-app-with-auth-gorm/Dockerfile b/todo-app-with-auth-gorm/Dockerfile index 8b93530166..e9ce64532a 100644 --- a/todo-app-with-auth-gorm/Dockerfile +++ b/todo-app-with-auth-gorm/Dockerfile @@ -1,12 +1,12 @@ #build stage -FROM golang:alpine AS builder +FROM golang:alpine@sha256:cdc86d9f363e8786845bea2040312b4efa321b828acdeb26f393faa864d887b0 AS builder WORKDIR /go/src/app COPY . . RUN go get -d -v . && go build -ldflags="-s -w" main.go #final stage -FROM alpine:latest +FROM alpine:latest@sha256:c5b1261d6d3e43071626931fc004f70149baeba2c8ec672bd4f27761f8e1ad6b LABEL maintainer=numtostr version=0.0.1 COPY --from=builder /go/src/app/main /main EXPOSE 4000 diff --git a/url-shortener-api/api/Dockerfile b/url-shortener-api/api/Dockerfile index f6d0c65f87..380e0f5849 100644 --- a/url-shortener-api/api/Dockerfile +++ b/url-shortener-api/api/Dockerfile @@ -1,6 +1,6 @@ # multistage docker build. This redices the size of the final docker image. # stage 1 to build the app -FROM golang:alpine as builder +FROM golang:alpine@sha256:cdc86d9f363e8786845bea2040312b4efa321b828acdeb26f393faa864d887b0 as builder RUN mkdir /build @@ -11,7 +11,7 @@ WORKDIR /build RUN go build -o main . # stage 2 deploys the app built in stage 1 -FROM alpine +FROM alpine@sha256:c5b1261d6d3e43071626931fc004f70149baeba2c8ec672bd4f27761f8e1ad6b RUN adduser -S -D -H -h /app appuser diff --git a/url-shortener-api/db/Dockerfile b/url-shortener-api/db/Dockerfile index a58a3e8907..7fbaece6f7 100644 --- a/url-shortener-api/db/Dockerfile +++ b/url-shortener-api/db/Dockerfile @@ -1,3 +1,3 @@ -FROM redis:alpine +FROM redis:alpine@sha256:a40e29800d387e3cf9431902e1e7a362e4d819233d68ae39380532c3310091ac EXPOSE 6379 \ No newline at end of file