diff --git a/cmd/ah/Dockerfile b/cmd/ah/Dockerfile index 4b307bd7..87292598 100644 --- a/cmd/ah/Dockerfile +++ b/cmd/ah/Dockerfile @@ -1,5 +1,5 @@ # Build ah -FROM golang:1.24.2-alpine3.21 AS ah-builder +FROM golang:1.24.4-alpine3.22 AS ah-builder ARG VERSION ARG GIT_COMMIT WORKDIR /go/src/github.com/artifacthub/ah @@ -10,7 +10,7 @@ WORKDIR /go/src/github.com/artifacthub/ah/cmd/ah RUN CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build -ldflags="-X main.version=$VERSION -X main.gitCommit=$GIT_COMMIT" -o /ah . # Final stage -FROM alpine:3.21.3 +FROM alpine:3.22.0 RUN apk --no-cache add git && addgroup -S ah -g 1000 && adduser -S ah -u 1000 -G ah USER 1000 COPY --from=ah-builder /ah /usr/local/bin diff --git a/cmd/hub/Dockerfile b/cmd/hub/Dockerfile index 66984aa8..95d6e5be 100644 --- a/cmd/hub/Dockerfile +++ b/cmd/hub/Dockerfile @@ -1,5 +1,5 @@ # Build backend -FROM golang:1.24.2-alpine3.21 AS backend-builder +FROM golang:1.24.4-alpine3.22 AS backend-builder WORKDIR /go/src/github.com/artifacthub/hub COPY go.* ./ COPY cmd/hub cmd/hub @@ -34,7 +34,7 @@ WORKDIR /docs/www RUN hugo # Final stage -FROM alpine:3.21.3 +FROM alpine:3.22.0 RUN apk --no-cache add ca-certificates && addgroup -S hub -g 1000 && adduser -S hub -u 1000 -G hub USER 1000 WORKDIR /home/hub diff --git a/cmd/scanner/Dockerfile b/cmd/scanner/Dockerfile index e836fbae..9fa6dbe2 100644 --- a/cmd/scanner/Dockerfile +++ b/cmd/scanner/Dockerfile @@ -1,5 +1,5 @@ # Build scanner -FROM golang:1.24.2-alpine3.21 AS scanner-builder +FROM golang:1.24.4-alpine3.22 AS scanner-builder WORKDIR /go/src/github.com/artifacthub/scanner COPY go.* ./ COPY cmd/scanner cmd/scanner @@ -8,12 +8,12 @@ WORKDIR /go/src/github.com/artifacthub/scanner/cmd/scanner RUN CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build -o /scanner . # Trivy installer -FROM alpine:3.21.3 AS trivy-installer +FROM alpine:3.22.0 AS trivy-installer RUN apk --no-cache add curl RUN curl -sfL https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | sh -s -- -b /usr/local/bin v0.56.1 # Final stage -FROM alpine:3.21.3 +FROM alpine:3.22.0 RUN apk --no-cache add ca-certificates && addgroup -S scanner -g 1000 && adduser -S scanner -u 1000 -G scanner USER 1000 WORKDIR /home/scanner diff --git a/cmd/tracker/Dockerfile b/cmd/tracker/Dockerfile index 3301fd68..9a754344 100644 --- a/cmd/tracker/Dockerfile +++ b/cmd/tracker/Dockerfile @@ -1,5 +1,5 @@ # Build tracker -FROM golang:1.24.2-bullseye AS builder +FROM golang:1.24.4-bullseye AS builder WORKDIR /tmp ENV LIBTENSORFLOW_TGZ libtensorflow-cpu-linux-x86_64-2.11.0.tar.gz RUN wget -q --no-check-certificate https://storage.googleapis.com/tensorflow/libtensorflow/$LIBTENSORFLOW_TGZ @@ -13,7 +13,7 @@ WORKDIR /go/src/github.com/artifacthub/hub/cmd/tracker RUN CGO_ENABLED=1 GOOS=linux GOARCH=amd64 go build -o /tracker . # OPM installer -FROM golang:1.24-bullseye AS opm-installer +FROM golang:1.24.4-bullseye AS opm-installer WORKDIR /tmp RUN git clone https://github.com/operator-framework/operator-registry WORKDIR /tmp/operator-registry/cmd/opm diff --git a/database/migrations/Dockerfile b/database/migrations/Dockerfile index 596e76eb..9adca2f6 100644 --- a/database/migrations/Dockerfile +++ b/database/migrations/Dockerfile @@ -1,10 +1,10 @@ # Build tern -FROM golang:1.24.2-alpine3.21 AS tern +FROM golang:1.24.4-alpine3.22 AS tern RUN apk --no-cache add git RUN go install github.com/jackc/tern@latest # Build final image -FROM alpine:3.21.3 +FROM alpine:3.22.0 RUN addgroup -S db-migrator -g 1000 && adduser -S db-migrator -u 1000 -G db-migrator USER 1000 WORKDIR /home/db-migrator diff --git a/database/tests/Dockerfile-db-tests b/database/tests/Dockerfile-db-tests index e89ac704..cac31e8f 100644 --- a/database/tests/Dockerfile-db-tests +++ b/database/tests/Dockerfile-db-tests @@ -1,10 +1,10 @@ # Build tern -FROM golang:1.24.2-alpine3.21 AS tern +FROM golang:1.24.4-alpine3.22 AS tern RUN apk --no-cache add git RUN go get -u github.com/jackc/tern # Build final image -FROM alpine:3.21.3 +FROM alpine:3.22.0 RUN apk --no-cache add git perl-app-cpanminus postgresql-client RUN cpanm --no-wget TAP::Parser::SourceHandler::pgTAP RUN addgroup -S db-tests && adduser -S db-tests -G db-tests