diff --git a/cmd/analyze/Dockerfile b/cmd/analyze/Dockerfile index e05d94ad..b0ad219d 100644 --- a/cmd/analyze/Dockerfile +++ b/cmd/analyze/Dockerfile @@ -1,4 +1,4 @@ -FROM golang:1.23.1@sha256:4a3c2bcd243d3dbb7b15237eecb0792db3614900037998c2cd6a579c46888c1e as build +FROM golang:1.23.1@sha256:4a3c2bcd243d3dbb7b15237eecb0792db3614900037998c2cd6a579c46888c1e AS build RUN apt-get update && apt-get install -y libpcap-dev WORKDIR /src @@ -10,9 +10,9 @@ RUN go mod download COPY . ./ RUN go build -o analyze ./cmd/analyze && go build -o worker ./cmd/worker -FROM ubuntu:22.04@sha256:42ba2dfce475de1113d55602d40af18415897167d47c2045ec7b6d9746ff148f +FROM ubuntu:22.04@sha256:3ba65aa20f86a0fad9df2b2c259c613df006b2e6d0bfcc8a146afb8c525a9751 -ENV DEBIAN_FRONTEND noninteractive +ENV DEBIAN_FRONTEND="noninteractive" RUN apt-get update && apt-get upgrade -y && \ apt-get install -y \ apt-transport-https \ diff --git a/cmd/scheduler/Dockerfile b/cmd/scheduler/Dockerfile index bfc4a99d..eeebfc91 100644 --- a/cmd/scheduler/Dockerfile +++ b/cmd/scheduler/Dockerfile @@ -1,4 +1,4 @@ -FROM golang:1.23.1@sha256:4a3c2bcd243d3dbb7b15237eecb0792db3614900037998c2cd6a579c46888c1e as build +FROM golang:1.23.1@sha256:4a3c2bcd243d3dbb7b15237eecb0792db3614900037998c2cd6a579c46888c1e AS build WORKDIR /src # First cache the dependencies to avoid downloading again on code change @@ -10,7 +10,7 @@ COPY . ./ RUN CGO_ENABLED=0 go build -o scheduler ./cmd/scheduler/main.go -FROM gcr.io/distroless/base:nonroot@sha256:bc84925113289d139a9ef2f309f0dd7ac46ea7b786f172ba9084ffdb4cbd9490 +FROM gcr.io/distroless/base:nonroot@sha256:746b9dbe3065a124395d4a7698241dbd6f3febbf01b73e48f942aabd7b8e5eac COPY --from=build /src/scheduler /usr/local/bin/scheduler diff --git a/sandboxes/dynamicanalysis/Dockerfile b/sandboxes/dynamicanalysis/Dockerfile index bf97d14c..2bd8e9e5 100644 --- a/sandboxes/dynamicanalysis/Dockerfile +++ b/sandboxes/dynamicanalysis/Dockerfile @@ -5,14 +5,14 @@ # NO_PUBKEY B53DC80D13EDEF05 [kubectl] # buildpack-deps 22.04 [ubuntu] -FROM buildpack-deps@sha256:d76488a56e1e85930e053b794daa9f990636565bf0de54903d65d93c43c3cad5 AS image +FROM buildpack-deps@sha256:e3a9f4d68852ea0111610b75443f6eb809c28816b04088722f9a079a49cf1287 AS image # All intermediate files during first-stage build are stored under /setup # This directory is removed before second-stage build (i.e. copying runtime files to an empty image) WORKDIR /setup # Suppress questions relating to package installs -ENV DEBIAN_FRONTEND noninteractive +ENV DEBIAN_FRONTEND="noninteractive" # Silence 'debconf: delaying package configuation, since apt-utils is not installed' warning # as it related to interactive configuration anyway ENV DEBCONF_NOWARNINGS="yes" diff --git a/sandboxes/staticanalysis/Dockerfile b/sandboxes/staticanalysis/Dockerfile index 27ad076a..9426347a 100644 --- a/sandboxes/staticanalysis/Dockerfile +++ b/sandboxes/staticanalysis/Dockerfile @@ -1,4 +1,4 @@ -FROM golang:1.23.1@sha256:4a3c2bcd243d3dbb7b15237eecb0792db3614900037998c2cd6a579c46888c1e as build +FROM golang:1.23.1@sha256:4a3c2bcd243d3dbb7b15237eecb0792db3614900037998c2cd6a579c46888c1e AS build # Note: Dockerfile uses paths relative to the top-level project directory, # so it should be built from that directory, i.e: @@ -18,7 +18,7 @@ WORKDIR /src/sandboxes/staticanalysis # If CGO is disabled then we don't need glibc RUN CGO_ENABLED=0 go build -o staticanalyze staticanalyze.go -FROM alpine:3.17.1@sha256:93d5a28ff72d288d69b5997b8ba47396d2cbb62a72b5d87cd3351094b5d578a0 +FROM alpine:3.23.3@sha256:25109184c71bdad752c8312a8623239686a9a2071e8825f20acb8f2198c3f659 RUN apk add --no-cache file && \ apk add --no-cache nodejs && \ apk add --no-cache npm && \