From 95922c4f1615c1f33fba950da04087b64a686dd3 Mon Sep 17 00:00:00 2001
From: Gus <gocanto@users.noreply.github.com>
Date: Wed, 15 Oct 2025 09:27:29 +0800
Subject: [PATCH 1/2] Update Alpine base image digest

---
 docker/dockerfile-api | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/docker/dockerfile-api b/docker/dockerfile-api
index a2a5a1f3..1c380eea 100644
--- a/docker/dockerfile-api
+++ b/docker/dockerfile-api
@@ -82,7 +82,7 @@ RUN go build \
 # ----------------------------------------------------------------------------------------------------------------------
 #                                           FINAL STAGE
 # ----------------------------------------------------------------------------------------------------------------------
-FROM alpine:3.22@sha256:85f2b723e106c34644cd5851d7e81ee87da98ac54672b29947c052a45d31dc2f
+FROM alpine:3.22@sha256:4b7ce07002c69e8f3d704a9c5d6fd3053be500b7f1c69fc0d80990c2ad8dd412
 
 # Bring in the runtime args.
 ARG APP_USER

From 1200312295ceb5e54dd6caa3ada5b15827be744d Mon Sep 17 00:00:00 2001
From: Gus <gocanto@users.noreply.github.com>
Date: Wed, 15 Oct 2025 09:36:48 +0800
Subject: [PATCH 2/2] Parameterize base image digests

---
 docker/dockerfile-api | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/docker/dockerfile-api b/docker/dockerfile-api
index 1c380eea..5a4f7547 100644
--- a/docker/dockerfile-api
+++ b/docker/dockerfile-api
@@ -13,6 +13,10 @@ ARG APP_VERSION=0.0.0.1
 ARG BUILD_TAGS="posts,experience,profile,projects,social,talks,gus,gocanto"
 ARG BINARY_NAME=oullin_api
 
+# Base image digests
+ARG GOLANG_ALPINE_DIGEST=sha256:c3dc5d5e8cf34ccb2172fb8d1aa399aa13cd8b60d27bba891d18e3b436a0c5f6
+ARG ALPINE_DIGEST=sha256:4b7ce07002c69e8f3d704a9c5d6fd3053be500b7f1c69fc0d80990c2ad8dd412
+
 # Non-root user/group settings.
 ARG APP_USER=appuser
 ARG APP_GROUP=appgroup
@@ -34,7 +38,7 @@ ARG TZ=Asia/Singapore
 # ----------------------------------------------------------------------------------------------------------------------
 #                                           BUILDER STAGE
 # ----------------------------------------------------------------------------------------------------------------------
-FROM golang:1.25.3-alpine3.22@sha256:c3dc5d5e8cf34ccb2172fb8d1aa399aa13cd8b60d27bba891d18e3b436a0c5f6 AS builder
+FROM golang:1.25.3-alpine3.22@${GOLANG_ALPINE_DIGEST} AS builder
 
 # Bring in the build args needed in this stage.
 ARG APP_DIR
@@ -82,7 +86,7 @@ RUN go build \
 # ----------------------------------------------------------------------------------------------------------------------
 #                                           FINAL STAGE
 # ----------------------------------------------------------------------------------------------------------------------
-FROM alpine:3.22@sha256:4b7ce07002c69e8f3d704a9c5d6fd3053be500b7f1c69fc0d80990c2ad8dd412
+FROM alpine:3.22@${ALPINE_DIGEST}
 
 # Bring in the runtime args.
 ARG APP_USER