From 83a40d156b9a521de7a770f569116828d2516116 Mon Sep 17 00:00:00 2001
From: Stefan Prodan <stefan.prodan@gmail.com>
Date: Fri, 27 Jan 2023 16:26:47 +0200
Subject: [PATCH 1/2] Update Alpine to 3.17

Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
---
 Dockerfile | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/Dockerfile b/Dockerfile
index 9cd650f5..2dc73860 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -61,7 +61,7 @@ RUN export CGO_LDFLAGS="-static -fuse-ld=lld" && \
 # Ensure that the binary was cross-compiled correctly to the target platform.
 RUN xx-verify --static /source-controller
 
-FROM alpine:3.16
+FROM alpine:3.17
 
 ARG TARGETPLATFORM
 RUN apk --no-cache add ca-certificates \

From 59e061c8ef76be33e62b535c5a38e28d294d0e4c Mon Sep 17 00:00:00 2001
From: Stefan Prodan <stefan.prodan@gmail.com>
Date: Fri, 27 Jan 2023 16:45:41 +0200
Subject: [PATCH 2/2] build: Enable SBOM and SLSA Provenance

Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
---
 .github/workflows/release.yml | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index 95f9d041..25083e07 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -62,6 +62,8 @@ jobs:
       - name: Publish images
         uses: docker/build-push-action@v3
         with:
+          sbom: true
+          provenance: true
           push: true
           builder: ${{ steps.buildx.outputs.name }}
           context: .