WEB-805:Upgrade the Docker Image versions for NodeJS and Nginx#3247
Merged
IOhacker merged 1 commit intoopenMF:devfrom Mar 2, 2026
Merged
WEB-805:Upgrade the Docker Image versions for NodeJS and Nginx#3247IOhacker merged 1 commit intoopenMF:devfrom
IOhacker merged 1 commit intoopenMF:devfrom
Conversation
|
Note
|
| Cohort / File(s) | Summary |
|---|---|
Dockerfile base image updates Dockerfile |
Updated ARG BUILDER_IMAGE from node:24-alpine3.22 → node:24-alpine3.23 and ARG NGINX_IMAGE from nginx:1.29-alpine3.22-slim → nginx:1.29-alpine3.23-slim. |
Estimated code review effort
🎯 1 (Trivial) | ⏱️ ~3 minutes
Possibly related PRs
- WEB-390: Update Node and NGINX images in Dockerfile #2739: Modified the same Dockerfile ARGs for
BUILDER_IMAGEandNGINX_IMAGE(previous Alpine tag updates).
Suggested reviewers
- IOhacker
- steinwinde
🚥 Pre-merge checks | ✅ 3
✅ Passed checks (3 passed)
| Check name | Status | Explanation |
|---|---|---|
| Description Check | ✅ Passed | Check skipped - CodeRabbit’s high-level summary is enabled. |
| Title check | ✅ Passed | The title clearly describes the main change: upgrading Docker image versions for NodeJS and Nginx, which aligns perfectly with the Dockerfile modifications in the changeset. |
| Docstring Coverage | ✅ Passed | No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check. |
✏️ Tip: You can configure your own custom pre-merge checks in the settings.
✨ Finishing Touches
🧪 Generate unit tests (beta)
- Create PR with unit tests
- Post copyable unit tests in a comment
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.
Comment @coderabbitai help to get the list of available commands and usage tips.
![coderabbitai[bot]](https://avatars.githubusercontent.com/in/347564?s=60&v=4){kind=small}
There was a problem hiding this comment.
🧹 Nitpick comments (1)
Dockerfile (1)
4-5: Pin the upgraded base images by digest for reproducible builds.The tag upgrade on Line 4 and Line 5 looks good, but tags can be retargeted. Consider pinning both images with
@sha256to avoid drift across builds.#!/bin/bash set -euo pipefail # Resolve current digests for the exact tags used in Dockerfile (read-only). for image in "node:24-alpine3.23" "nginx:1.29-alpine3.23-slim"; do repo="${image%:*}" tag="${image##*:}" token=$(curl -fsSL \ "https://auth.docker.io/token?service=registry.docker.io&scope=repository:library/${repo}:pull" \ | jq -r '.token') digest=$(curl -fsSI \ -H "Authorization: Bearer ${token}" \ -H "Accept: application/vnd.oci.image.index.v1+json, application/vnd.docker.distribution.manifest.list.v2+json" \ "https://registry-1.docker.io/v2/library/${repo}/manifests/${tag}" \ | awk -F': ' 'tolower($1)=="docker-content-digest"{gsub("\r","",$2); print $2}') echo "${image}@${digest}" doneExample follow-up diff after resolving digests
-ARG BUILDER_IMAGE=node:24-alpine3.23 -ARG NGINX_IMAGE=nginx:1.29-alpine3.23-slim +ARG BUILDER_IMAGE=node:24-alpine3.23@sha256:<resolved-node-digest> +ARG NGINX_IMAGE=nginx:1.29-alpine3.23-slim@sha256:<resolved-nginx-digest>🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed. In `@Dockerfile` around lines 4 - 5, Update the two Dockerfile ARGs to use immutable image digests instead of floating tags: replace the values for ARG BUILDER_IMAGE and ARG NGINX_IMAGE (currently "node:24-alpine3.23" and "nginx:1.29-alpine3.23-slim") with their corresponding `@sha256` digests you resolve (e.g., "node:24-alpine3.23@sha256:..." and "nginx:1.29-alpine3.23-slim@sha256:...") so builds are reproducible; use the provided registry lookup script or Docker registry API to fetch the exact digests and commit the updated ARG lines in the Dockerfile.
🤖 Prompt for all review comments with AI agents
Verify each finding against the current code and only fix it if needed.
Nitpick comments:
In `@Dockerfile`:
- Around line 4-5: Update the two Dockerfile ARGs to use immutable image digests
instead of floating tags: replace the values for ARG BUILDER_IMAGE and ARG
NGINX_IMAGE (currently "node:24-alpine3.23" and "nginx:1.29-alpine3.23-slim")
with their corresponding `@sha256` digests you resolve (e.g.,
"node:24-alpine3.23@sha256:..." and "nginx:1.29-alpine3.23-slim@sha256:...") so
builds are reproducible; use the provided registry lookup script or Docker
registry API to fetch the exact digests and commit the updated ARG lines in the
Dockerfile.
Contributor
Author
|
@IOhacker hey! give it a review whenever you have time!! |
Contributor
|
Please squash and commit. |
Contributor
Author
|
@IOhacker done!! i pulled the changes wrongly which cause git to think they were a part of my pr!! |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Description
-modified nginx/node versions in the dockerfile
jira ticket: 805
Please make sure these boxes are checked before submitting your pull request - thanks!
[*] If you have multiple commits please combine them into one commit by squashing them.
[*] Read and understood the contribution guidelines at web-app/.github/CONTRIBUTING.md.
Summary by CodeRabbit