diff --git a/docker/deployment/Dockerfile b/docker/deployment/Dockerfile index b00c19630c5..8887d9e8421 100644 --- a/docker/deployment/Dockerfile +++ b/docker/deployment/Dockerfile @@ -1,4 +1,4 @@ -FROM ubuntu:24.04@sha256:84e77dee7d1bc93fb029a45e3c6cb9d8aa4831ccfcc7103d36e876938d28895b +FROM ubuntu:24.04@sha256:c4a8d5503dfb2a3eb8ab5f807da5bc69a85730fb49b5cfca2330194ebcc41c7b RUN apt-get update && \ apt-get install -y curl jq diff --git a/docker/terraform/Dockerfile b/docker/terraform/Dockerfile index 8c50e3af993..c2849f553e4 100644 --- a/docker/terraform/Dockerfile +++ b/docker/terraform/Dockerfile @@ -1,6 +1,6 @@ # Taken and modified from https://github.com/GoogleCloudPlatform/cloud-builders-community/tree/master/terraform -FROM golang:1.26.2-alpine@sha256:c2a1f7b2095d046ae14b286b18413a05bb82c9bca9b25fe7ff5efef0f0826166 AS GO_BUILD +FROM golang:1.26.2-alpine@sha256:f85330846cde1e57ca9ec309382da3b8e6ae3ab943d2739500e08c86393a21b1 AS GO_BUILD ARG TERRAFORM_VERSION WORKDIR /build/ diff --git a/docker/worker-base/Dockerfile b/docker/worker-base/Dockerfile index 07a93802937..ad61b2c0ac8 100644 --- a/docker/worker-base/Dockerfile +++ b/docker/worker-base/Dockerfile @@ -12,7 +12,7 @@ # See the License for the specific language governing permissions and # limitations under the License. -FROM ubuntu:24.04@sha256:84e77dee7d1bc93fb029a45e3c6cb9d8aa4831ccfcc7103d36e876938d28895b +FROM ubuntu:24.04@sha256:c4a8d5503dfb2a3eb8ab5f807da5bc69a85730fb49b5cfca2330194ebcc41c7b ENV DEBIAN_FRONTEND noninteractive RUN apt-get update && apt-get upgrade -y && \ diff --git a/gcp/indexer/Dockerfile b/gcp/indexer/Dockerfile index e6dcbc60749..073ed217f8d 100644 --- a/gcp/indexer/Dockerfile +++ b/gcp/indexer/Dockerfile @@ -12,7 +12,7 @@ # See the License for the specific language governing permissions and # limitations under the License. -FROM golang:1.26.2-alpine@sha256:c2a1f7b2095d046ae14b286b18413a05bb82c9bca9b25fe7ff5efef0f0826166 AS GO_BUILD +FROM golang:1.26.2-alpine@sha256:f85330846cde1e57ca9ec309382da3b8e6ae3ab943d2739500e08c86393a21b1 AS GO_BUILD WORKDIR /build # Cache dependencies in these steps diff --git a/gcp/workers/linter/Dockerfile b/gcp/workers/linter/Dockerfile index 991112a2017..dc5ad7a492e 100644 --- a/gcp/workers/linter/Dockerfile +++ b/gcp/workers/linter/Dockerfile @@ -14,7 +14,7 @@ # Stage 1: Build the Go linter binary -FROM golang:1.26.2-alpine@sha256:c2a1f7b2095d046ae14b286b18413a05bb82c9bca9b25fe7ff5efef0f0826166 AS go_builder +FROM golang:1.26.2-alpine@sha256:f85330846cde1e57ca9ec309382da3b8e6ae3ab943d2739500e08c86393a21b1 AS go_builder RUN apk add --no-cache git WORKDIR /src diff --git a/go/cmd/custommetrics/Dockerfile b/go/cmd/custommetrics/Dockerfile index 57475ae4734..b1b407e4a35 100644 --- a/go/cmd/custommetrics/Dockerfile +++ b/go/cmd/custommetrics/Dockerfile @@ -12,7 +12,7 @@ # See the License for the specific language governing permissions and # limitations under the License. -FROM golang:1.26.2-alpine@sha256:c2a1f7b2095d046ae14b286b18413a05bb82c9bca9b25fe7ff5efef0f0826166 AS build +FROM golang:1.26.2-alpine@sha256:f85330846cde1e57ca9ec309382da3b8e6ae3ab943d2739500e08c86393a21b1 AS build WORKDIR /src diff --git a/go/cmd/exporter/Dockerfile b/go/cmd/exporter/Dockerfile index 555728df0eb..35c02b0e608 100644 --- a/go/cmd/exporter/Dockerfile +++ b/go/cmd/exporter/Dockerfile @@ -12,7 +12,7 @@ # See the License for the specific language governing permissions and # limitations under the License. -FROM golang:1.26.2-alpine@sha256:c2a1f7b2095d046ae14b286b18413a05bb82c9bca9b25fe7ff5efef0f0826166 AS build +FROM golang:1.26.2-alpine@sha256:f85330846cde1e57ca9ec309382da3b8e6ae3ab943d2739500e08c86393a21b1 AS build WORKDIR /src diff --git a/go/cmd/first_package_finder/Dockerfile b/go/cmd/first_package_finder/Dockerfile index 7b6ada047f2..a0fbcfa9af8 100644 --- a/go/cmd/first_package_finder/Dockerfile +++ b/go/cmd/first_package_finder/Dockerfile @@ -12,7 +12,7 @@ # See the License for the specific language governing permissions and # limitations under the License. -FROM golang:1.26.2-alpine@sha256:c2a1f7b2095d046ae14b286b18413a05bb82c9bca9b25fe7ff5efef0f0826166 AS build +FROM golang:1.26.2-alpine@sha256:f85330846cde1e57ca9ec309382da3b8e6ae3ab943d2739500e08c86393a21b1 AS build WORKDIR /src @@ -23,7 +23,7 @@ RUN go mod download && go mod verify COPY ./ /src/ RUN CGO_ENABLED=0 go build -o first_package_finder ./cmd/first_package_finder/ -FROM alpine:3.23@sha256:25109184c71bdad752c8312a8623239686a9a2071e8825f20acb8f2198c3f659 +FROM alpine:3.23@sha256:5b10f432ef3da1b8d4c7eb6c487f2f5a8f096bc91145e68878dd4a5019afde11 WORKDIR /src COPY --from=build /src/first_package_finder ./first_package_finder diff --git a/go/cmd/generatesitemap/Dockerfile b/go/cmd/generatesitemap/Dockerfile index c51b63cfd79..320225c3eb2 100644 --- a/go/cmd/generatesitemap/Dockerfile +++ b/go/cmd/generatesitemap/Dockerfile @@ -12,7 +12,7 @@ # See the License for the specific language governing permissions and # limitations under the License. -FROM golang:1.26.2-alpine@sha256:c2a1f7b2095d046ae14b286b18413a05bb82c9bca9b25fe7ff5efef0f0826166 AS build +FROM golang:1.26.2-alpine@sha256:f85330846cde1e57ca9ec309382da3b8e6ae3ab943d2739500e08c86393a21b1 AS build WORKDIR /src diff --git a/go/cmd/gitter/Dockerfile b/go/cmd/gitter/Dockerfile index 4f920adc53e..5ec0de29705 100644 --- a/go/cmd/gitter/Dockerfile +++ b/go/cmd/gitter/Dockerfile @@ -12,7 +12,7 @@ # See the License for the specific language governing permissions and # limitations under the License. -FROM golang:1.26.2-alpine@sha256:c2a1f7b2095d046ae14b286b18413a05bb82c9bca9b25fe7ff5efef0f0826166 AS build +FROM golang:1.26.2-alpine@sha256:f85330846cde1e57ca9ec309382da3b8e6ae3ab943d2739500e08c86393a21b1 AS build WORKDIR /src @@ -24,7 +24,7 @@ RUN go mod download && go mod verify COPY ./ /src/ RUN CGO_ENABLED=0 go build -o gitter ./cmd/gitter/ -FROM alpine:3.23@sha256:25109184c71bdad752c8312a8623239686a9a2071e8825f20acb8f2198c3f659 +FROM alpine:3.23@sha256:5b10f432ef3da1b8d4c7eb6c487f2f5a8f096bc91145e68878dd4a5019afde11 # Need to install the full tar package, to not use the busybox version, which doesn't have --zstd support. RUN apk add --no-cache bash git zstd tar diff --git a/go/cmd/importer/Dockerfile b/go/cmd/importer/Dockerfile index 5052b75d156..5fa60a9928f 100644 --- a/go/cmd/importer/Dockerfile +++ b/go/cmd/importer/Dockerfile @@ -12,7 +12,7 @@ # See the License for the specific language governing permissions and # limitations under the License. -FROM golang:1.26.2-alpine@sha256:c2a1f7b2095d046ae14b286b18413a05bb82c9bca9b25fe7ff5efef0f0826166 AS build +FROM golang:1.26.2-alpine@sha256:f85330846cde1e57ca9ec309382da3b8e6ae3ab943d2739500e08c86393a21b1 AS build WORKDIR /src @@ -24,7 +24,7 @@ RUN go mod download && go mod verify COPY ./ /src/ RUN CGO_ENABLED=0 go build -o importer ./cmd/importer/ -FROM alpine:3.23@sha256:25109184c71bdad752c8312a8623239686a9a2071e8825f20acb8f2198c3f659 +FROM alpine:3.23@sha256:5b10f432ef3da1b8d4c7eb6c487f2f5a8f096bc91145e68878dd4a5019afde11 # Need to install the full tar package, to not use the busybox version, which doesn't have --zstd support. RUN apk add --no-cache git zstd tar diff --git a/go/cmd/recordchecker/Dockerfile b/go/cmd/recordchecker/Dockerfile index ce7e10bf761..cdba46d0bb3 100644 --- a/go/cmd/recordchecker/Dockerfile +++ b/go/cmd/recordchecker/Dockerfile @@ -12,7 +12,7 @@ # See the License for the specific language governing permissions and # limitations under the License. -FROM golang:1.26.2-alpine@sha256:c2a1f7b2095d046ae14b286b18413a05bb82c9bca9b25fe7ff5efef0f0826166 AS build +FROM golang:1.26.2-alpine@sha256:f85330846cde1e57ca9ec309382da3b8e6ae3ab943d2739500e08c86393a21b1 AS build WORKDIR /src diff --git a/go/cmd/relations/Dockerfile b/go/cmd/relations/Dockerfile index a22bd974405..42371b1ad42 100644 --- a/go/cmd/relations/Dockerfile +++ b/go/cmd/relations/Dockerfile @@ -12,7 +12,7 @@ # See the License for the specific language governing permissions and # limitations under the License. -FROM golang:1.26.2-alpine@sha256:c2a1f7b2095d046ae14b286b18413a05bb82c9bca9b25fe7ff5efef0f0826166 AS build +FROM golang:1.26.2-alpine@sha256:f85330846cde1e57ca9ec309382da3b8e6ae3ab943d2739500e08c86393a21b1 AS build WORKDIR /src diff --git a/vulnfeeds/cmd/combine-to-osv/Dockerfile b/vulnfeeds/cmd/combine-to-osv/Dockerfile index 93bd6d194cf..d93f47528ae 100644 --- a/vulnfeeds/cmd/combine-to-osv/Dockerfile +++ b/vulnfeeds/cmd/combine-to-osv/Dockerfile @@ -12,7 +12,7 @@ # See the License for the specific language governing permissions and # limitations under the License. -FROM golang:1.26.2-alpine@sha256:c2a1f7b2095d046ae14b286b18413a05bb82c9bca9b25fe7ff5efef0f0826166 AS GO_BUILD +FROM golang:1.26.2-alpine@sha256:f85330846cde1e57ca9ec309382da3b8e6ae3ab943d2739500e08c86393a21b1 AS GO_BUILD RUN mkdir /src WORKDIR /src diff --git a/vulnfeeds/cmd/converters/alpine/Dockerfile b/vulnfeeds/cmd/converters/alpine/Dockerfile index e2dbed478e8..d1facee2ded 100644 --- a/vulnfeeds/cmd/converters/alpine/Dockerfile +++ b/vulnfeeds/cmd/converters/alpine/Dockerfile @@ -12,7 +12,7 @@ # See the License for the specific language governing permissions and # limitations under the License. -FROM golang:1.26.2-alpine@sha256:c2a1f7b2095d046ae14b286b18413a05bb82c9bca9b25fe7ff5efef0f0826166 AS GO_BUILD +FROM golang:1.26.2-alpine@sha256:f85330846cde1e57ca9ec309382da3b8e6ae3ab943d2739500e08c86393a21b1 AS GO_BUILD RUN mkdir /src WORKDIR /src diff --git a/vulnfeeds/cmd/converters/cve/cve5/bulk-converter/Dockerfile b/vulnfeeds/cmd/converters/cve/cve5/bulk-converter/Dockerfile index d5abfe2ab30..4bbd9d44c2d 100644 --- a/vulnfeeds/cmd/converters/cve/cve5/bulk-converter/Dockerfile +++ b/vulnfeeds/cmd/converters/cve/cve5/bulk-converter/Dockerfile @@ -12,7 +12,7 @@ # See the License for the specific language governing permissions and # limitations under the License. -FROM golang:1.26.2-alpine@sha256:c2a1f7b2095d046ae14b286b18413a05bb82c9bca9b25fe7ff5efef0f0826166 AS go_build +FROM golang:1.26.2-alpine@sha256:f85330846cde1e57ca9ec309382da3b8e6ae3ab943d2739500e08c86393a21b1 AS go_build RUN mkdir /src WORKDIR /src diff --git a/vulnfeeds/cmd/converters/cve/nvd-cve-osv/Dockerfile b/vulnfeeds/cmd/converters/cve/nvd-cve-osv/Dockerfile index e0d4058eb47..a435ea27690 100644 --- a/vulnfeeds/cmd/converters/cve/nvd-cve-osv/Dockerfile +++ b/vulnfeeds/cmd/converters/cve/nvd-cve-osv/Dockerfile @@ -12,7 +12,7 @@ # See the License for the specific language governing permissions and # limitations under the License. -FROM golang:1.26.2-alpine@sha256:c2a1f7b2095d046ae14b286b18413a05bb82c9bca9b25fe7ff5efef0f0826166 AS GO_BUILD +FROM golang:1.26.2-alpine@sha256:f85330846cde1e57ca9ec309382da3b8e6ae3ab943d2739500e08c86393a21b1 AS GO_BUILD WORKDIR /go/src diff --git a/vulnfeeds/cmd/converters/debian/Dockerfile b/vulnfeeds/cmd/converters/debian/Dockerfile index a6cdbd66259..5b0ea6a89de 100644 --- a/vulnfeeds/cmd/converters/debian/Dockerfile +++ b/vulnfeeds/cmd/converters/debian/Dockerfile @@ -12,7 +12,7 @@ # See the License for the specific language governing permissions and # limitations under the License. -FROM golang:1.26.2-alpine@sha256:c2a1f7b2095d046ae14b286b18413a05bb82c9bca9b25fe7ff5efef0f0826166 AS GO_BUILD +FROM golang:1.26.2-alpine@sha256:f85330846cde1e57ca9ec309382da3b8e6ae3ab943d2739500e08c86393a21b1 AS GO_BUILD RUN mkdir /src WORKDIR /src diff --git a/vulnfeeds/cmd/converters/dsa-dla-dtsa/Dockerfile b/vulnfeeds/cmd/converters/dsa-dla-dtsa/Dockerfile index 8e63cad3e2b..2c56e4c9156 100644 --- a/vulnfeeds/cmd/converters/dsa-dla-dtsa/Dockerfile +++ b/vulnfeeds/cmd/converters/dsa-dla-dtsa/Dockerfile @@ -14,7 +14,7 @@ # See the License for the specific language governing permissions and # limitations under the License. -FROM golang:1.26.2-alpine@sha256:c2a1f7b2095d046ae14b286b18413a05bb82c9bca9b25fe7ff5efef0f0826166 AS build +FROM golang:1.26.2-alpine@sha256:f85330846cde1e57ca9ec309382da3b8e6ae3ab943d2739500e08c86393a21b1 AS build WORKDIR /src @@ -25,7 +25,7 @@ RUN go mod download && go mod verify COPY ./ /src/ RUN CGO_ENABLED=0 go build -o dsa-dla-dtsa ./cmd/converters/dsa-dla-dtsa/main.go -FROM alpine:3.23@sha256:25109184c71bdad752c8312a8623239686a9a2071e8825f20acb8f2198c3f659 +FROM alpine:3.23@sha256:5b10f432ef3da1b8d4c7eb6c487f2f5a8f096bc91145e68878dd4a5019afde11 RUN apk add --no-cache git ca-certificates # Increase the Git buffer to 500MB and disable compression to prevent timeouts # downgrading http to 1.1 seems to be the only thing that works diff --git a/vulnfeeds/cmd/mirrors/cpe-repo-gen/Dockerfile b/vulnfeeds/cmd/mirrors/cpe-repo-gen/Dockerfile index b756ff83fd3..d7acf9c64d2 100644 --- a/vulnfeeds/cmd/mirrors/cpe-repo-gen/Dockerfile +++ b/vulnfeeds/cmd/mirrors/cpe-repo-gen/Dockerfile @@ -12,7 +12,7 @@ # See the License for the specific language governing permissions and # limitations under the License. -FROM golang:1.26.2-alpine@sha256:c2a1f7b2095d046ae14b286b18413a05bb82c9bca9b25fe7ff5efef0f0826166 AS GO_BUILD +FROM golang:1.26.2-alpine@sha256:f85330846cde1e57ca9ec309382da3b8e6ae3ab943d2739500e08c86393a21b1 AS GO_BUILD RUN mkdir /src WORKDIR /src diff --git a/vulnfeeds/cmd/mirrors/download-cves/Dockerfile b/vulnfeeds/cmd/mirrors/download-cves/Dockerfile index 96dfd7414a8..2e80b0851c3 100644 --- a/vulnfeeds/cmd/mirrors/download-cves/Dockerfile +++ b/vulnfeeds/cmd/mirrors/download-cves/Dockerfile @@ -12,7 +12,7 @@ # See the License for the specific language governing permissions and # limitations under the License. -FROM golang:1.26.2-alpine@sha256:c2a1f7b2095d046ae14b286b18413a05bb82c9bca9b25fe7ff5efef0f0826166 AS GO_BUILD +FROM golang:1.26.2-alpine@sha256:f85330846cde1e57ca9ec309382da3b8e6ae3ab943d2739500e08c86393a21b1 AS GO_BUILD RUN mkdir /src WORKDIR /src