From 043da7164de9e9dc0eff8b34a0ca48840749b444 Mon Sep 17 00:00:00 2001 From: Benjamin Elder Date: Thu, 23 May 2024 13:51:40 -0700 Subject: [PATCH] update gcb-docker-gcloud to latest, and pin digest this is a staging repository, which has lower security than registry.k8s.io, so we should REALLY be pinning it. TODO: This is one of the few places we still depend on GCR to build things. We should consider promoting this image to registry.k8s.io or using a different image. --- build/dependencies.yaml | 2 +- build/pause/cloudbuild.yaml | 2 +- cluster/images/etcd/cloudbuild.yaml | 2 +- test/images/cloudbuild.yaml | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/build/dependencies.yaml b/build/dependencies.yaml index 841462ad4a9eb..c256b59bcdbac 100644 --- a/build/dependencies.yaml +++ b/build/dependencies.yaml @@ -271,7 +271,7 @@ dependencies: # GCB docker gcloud image - name: "gcb-docker-gcloud: dependents" - version: v20230623-56e06d7c18 + version: v20240523-a15ad90fc9@sha256:bb04162508c2c61637eae700a0d8e8c8be8f2d4c831d2b75e59db2d4dd6cf75d refPaths: - path: build/pause/cloudbuild.yaml match: gcr.io/k8s-staging-test-infra/gcb-docker-gcloud diff --git a/build/pause/cloudbuild.yaml b/build/pause/cloudbuild.yaml index 360b0ef927270..892c63e19d272 100644 --- a/build/pause/cloudbuild.yaml +++ b/build/pause/cloudbuild.yaml @@ -4,7 +4,7 @@ options: substitution_option: ALLOW_LOOSE machineType: 'N1_HIGHCPU_8' steps: - - name: 'gcr.io/k8s-staging-test-infra/gcb-docker-gcloud:v20230623-56e06d7c18' + - name: 'gcr.io/k8s-staging-test-infra/gcb-docker-gcloud:v20240523-a15ad90fc9@sha256:bb04162508c2c61637eae700a0d8e8c8be8f2d4c831d2b75e59db2d4dd6cf75d' entrypoint: 'bash' dir: ./build/pause env: diff --git a/cluster/images/etcd/cloudbuild.yaml b/cluster/images/etcd/cloudbuild.yaml index bda8a09bb5013..520fb8e74df67 100644 --- a/cluster/images/etcd/cloudbuild.yaml +++ b/cluster/images/etcd/cloudbuild.yaml @@ -4,7 +4,7 @@ options: substitution_option: ALLOW_LOOSE machineType: 'N1_HIGHCPU_8' steps: - - name: 'gcr.io/k8s-staging-test-infra/gcb-docker-gcloud:v20230623-56e06d7c18' + - name: 'gcr.io/k8s-staging-test-infra/gcb-docker-gcloud:v20240523-a15ad90fc9@sha256:bb04162508c2c61637eae700a0d8e8c8be8f2d4c831d2b75e59db2d4dd6cf75d' entrypoint: 'bash' dir: ./cluster/images/etcd env: diff --git a/test/images/cloudbuild.yaml b/test/images/cloudbuild.yaml index 8de5daf0136b6..4a51385130564 100644 --- a/test/images/cloudbuild.yaml +++ b/test/images/cloudbuild.yaml @@ -9,7 +9,7 @@ options: substitution_option: ALLOW_LOOSE machineType: 'N1_HIGHCPU_8' steps: - - name: 'gcr.io/k8s-staging-test-infra/gcb-docker-gcloud:v20230623-56e06d7c18' + - name: 'gcr.io/k8s-staging-test-infra/gcb-docker-gcloud:v20240523-a15ad90fc9@sha256:bb04162508c2c61637eae700a0d8e8c8be8f2d4c831d2b75e59db2d4dd6cf75d' entrypoint: 'bash' dir: ./test/images/ env: