Update Container images - All - Major, minor and patch to v26.4.0#2471
Merged
AlexSkrypnyk merged 1 commit intomainfrom Apr 23, 2026
Merged
Update Container images - All - Major, minor and patch to v26.4.0#2471AlexSkrypnyk merged 1 commit intomainfrom
AlexSkrypnyk merged 1 commit intomainfrom
Conversation
| datasource | package | from | to | | ---------- | ---------------------------- | ------ | ------ | | docker | uselagoon/commons | 26.3.0 | 26.4.0 | | docker | uselagoon/mysql-8.4 | 26.3.0 | 26.4.0 | | docker | uselagoon/nginx-drupal | 26.3.0 | 26.4.0 | | docker | uselagoon/php-8.4-cli-drupal | 26.3.0 | 26.4.0 | | docker | uselagoon/php-8.4-fpm | 26.3.0 | 26.4.0 | | docker | uselagoon/solr-9-drupal | 26.3.0 | 26.4.0 |
AlexSkrypnyk
added
the
Dependencies
WalkthroughVersion bumps applied across six Docker base image tags from Changes
Estimated code review effort🎯 1 (Trivial) | ⏱️ ~3 minutes Possibly related PRs
Poem
🚥 Pre-merge checks | ✅ 5✅ Passed checks (5 passed)
✏️ Tip: You can configure your own custom pre-merge checks in the settings. ✨ Finishing Touches🧪 Generate unit tests (beta)
Comment |
![coderabbitai[bot]](https://avatars.githubusercontent.com/in/347564?s=60&v=4){kind=small}
There was a problem hiding this comment.
Actionable comments posted: 1
🤖 Prompt for all review comments with AI agents
Verify each finding against the current code and only fix it if needed.
Inline comments:
In @.docker/nginx-drupal.dockerfile:
- Line 14: The Dockerfile uses a mutable image tag in the FROM instruction
("uselagoon/nginx-drupal:26.4.0"); replace that tag with the pinned immutable
digest form (append
`@sha256`:04496e376d154c2de7213d41671d1e3c1c60378c928970ce07e096a04e90e83c) so the
FROM line becomes the digest-pinned reference to ensure reproducible builds, and
apply the same change to the other dockerfiles that use the same image pattern
(cli.dockerfile, php.dockerfile, solr.dockerfile, clamav.dockerfile) by updating
their FROM lines to use the corresponding `@sha256` digest.
🪄 Autofix (Beta)
Fix all unresolved CodeRabbit comments on this PR:
- Push a commit to this branch (recommended)
- Create a new PR with the fixes
ℹ️ Review info
⚙️ Run configuration
Configuration used: Repository UI
Review profile: ASSERTIVE
Plan: Pro Plus
Run ID: 3c2f2b28-f656-4d94-beaf-c780120b53cd
📒 Files selected for processing (6)
.docker/clamav.dockerfile.docker/cli.dockerfile.docker/database.dockerfile.docker/nginx-drupal.dockerfile.docker/php.dockerfile.docker/solr.dockerfile
| FROM ${CLI_IMAGE:-cli} AS cli | ||
|
|
||
| FROM uselagoon/nginx-drupal:26.3.0 | ||
| FROM uselagoon/nginx-drupal:26.4.0 |
There was a problem hiding this comment.
🧹 Nitpick | 🔵 Trivial
🧩 Analysis chain
🏁 Script executed:
#!/bin/bash
set -euo pipefail
repos=(
"commons"
"mysql-8.4"
"nginx-drupal"
"php-8.4-cli-drupal"
"php-8.4-fpm"
"solr-9-drupal"
)
tag="26.4.0"
for repo in "${repos[@]}"; do
token="$(curl -fsSL "https://auth.docker.io/token?service=registry.docker.io&scope=repository:uselagoon/${repo}:pull" | jq -r '.token')"
headers="$(curl -fsSI \
-H "Authorization: Bearer ${token}" \
-H "Accept: application/vnd.docker.distribution.manifest.v2+json" \
"https://registry-1.docker.io/v2/uselagoon/${repo}/manifests/${tag}")"
code="$(printf '%s\n' "${headers}" | awk 'NR==1 {print $2}')"
digest="$(printf '%s\n' "${headers}" | awk -F': ' 'tolower($1)=="docker-content-digest"{print $2}' | tr -d '\r')"
echo "uselagoon/${repo}:${tag} -> HTTP ${code}, digest=${digest}"
doneRepository: drevops/vortex
Length of output: 787
🏁 Script executed:
find .docker -name "*.dockerfile" -o -name "Dockerfile*" | head -20Repository: drevops/vortex
Length of output: 213
🏁 Script executed:
cat -n .docker/nginx-drupal.dockerfile | head -20Repository: drevops/vortex
Length of output: 670
🏁 Script executed:
rg "FROM uselagoon/" .dockerRepository: drevops/vortex
Length of output: 372
Pin immutable digest alongside tag for reproducible builds.
Line 14 uses a mutable tag reference. To ensure reproducible and secure builds, pin the immutable digest: FROM uselagoon/nginx-drupal:26.4.0@sha256:04496e376d154c2de7213d41671d1e3c1c60378c928970ce07e096a04e90e83c.
Note: Multiple other Dockerfiles in .docker/ follow the same pattern (cli.dockerfile, php.dockerfile, solr.dockerfile, clamav.dockerfile) and should be updated similarly.
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.
In @.docker/nginx-drupal.dockerfile at line 14, The Dockerfile uses a mutable
image tag in the FROM instruction ("uselagoon/nginx-drupal:26.4.0"); replace
that tag with the pinned immutable digest form (append
`@sha256`:04496e376d154c2de7213d41671d1e3c1c60378c928970ce07e096a04e90e83c) so the
FROM line becomes the digest-pinned reference to ensure reproducible builds, and
apply the same change to the other dockerfiles that use the same image pattern
(cli.dockerfile, php.dockerfile, solr.dockerfile, clamav.dockerfile) by updating
their FROM lines to use the corresponding `@sha256` digest.
|
Code coverage (threshold: 90%) Per-class coverage |
This comment has been minimized.
This comment has been minimized.
2 similar comments
This comment has been minimized.
This comment has been minimized.
Member
Author
|
Code coverage (threshold: 90%) Per-class coverage |
Codecov Report✅ All modified and coverable lines are covered by tests. Additional details and impacted files@@ Coverage Diff @@
## main #2471 +/- ##
==========================================
- Coverage 79.93% 79.47% -0.46%
==========================================
Files 129 122 -7
Lines 6883 6724 -159
Branches 47 3 -44
==========================================
- Hits 5502 5344 -158
+ Misses 1381 1380 -1 ☔ View full report in Codecov by Sentry. 🚀 New features to boost your workflow:
|
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This PR contains the following updates:
26.3.0→26.4.026.3.0→26.4.026.3.0→26.4.026.3.0→26.4.026.3.0→26.4.026.3.0→26.4.0Warning
Some dependencies could not be looked up. Check the Dependency Dashboard for more information.
Release Notes
uselagoon/lagoon-images (uselagoon/commons)
v26.4.0: lagoon-images 26.4.0Compare Source
Notes on this release
A maintenance-heavy release focused on package parity and security updates. This version includes updates to MariaDB, OpenSearch, and Nginx/Varnish, alongside standard version bumps for PHP, Node, Python, and Ruby runtimes.
New/Deprecated/Removed Images
No images were introduced/deprecated/removed in this release.
Changes in this release
Package Updates
PHP related
Foundations
Databases / Caches / Search
Web / Runtime bases
Devops
Configuration
📅 Schedule: (in timezone UTC)
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about these updates again.
This PR has been generated by Renovate Bot.
Summary by CodeRabbit