Skip to content

Commit

Permalink
❇️ Pin our docker dependencies by hash (#468)
Browse files Browse the repository at this point in the history 
* check pinning in docker files

* Pin our docker dependencies

* Revert "check pinning in docker files"

This reverts commit c05a500.

* comments

* typo

* fix hashes
  • Loading branch information
@laurentsimon
laurentsimon committed May 18, 2021
1 parent 90e1aeb commit 3b1c9b8
Show file tree
Hide file tree
Showing 3 changed files with 6 additions and 6 deletions.
4 changes: 2 additions & 2 deletions Dockerfile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -13,7 +13,7 @@
# limitations under the License.


FROM golang:1.16.4 as base
FROM golang:1.16.4@sha256:6f0b0a314b158ff6caf8f12d7f6f3a966500ec6afb533e986eca7375e2f7560f AS base
WORKDIR /src
ENV CGO_ENABLED=0
COPY go.* ./
Expand All @@ -25,6 +25,6 @@ ARG TARGETOS
ARG TARGETARCH
RUN CGO_ENABLED=0 make build-scorecard

FROM gcr.io/distroless/base:nonroot
FROM gcr.io/distroless/base:nonroot@sha256:bc84925113289d139a9ef2f309f0dd7ac46ea7b786f172ba9084ffdb4cbd9490
COPY --from=build /src/scorecard /
ENTRYPOINT [ "/scorecard" ]
4 changes: 2 additions & 2 deletions cron/Dockerfile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -14,7 +14,7 @@
# limitations under the License.


FROM golang:1.16.3 as base
FROM golang:1.16.4@sha256:6f0b0a314b158ff6caf8f12d7f6f3a966500ec6afb533e986eca7375e2f7560f AS base
WORKDIR /src
ENV CGO_ENABLED=0
COPY go.* ./
Expand All @@ -31,7 +31,7 @@ ARG TARGETOS
ARG TARGETARCH
RUN CGO_ENABLED=0 make build-cron

FROM gcr.io/google.com/cloudsdktool/cloud-sdk:slim
FROM gcr.io/google.com/cloudsdktool/cloud-sdk:slim@sha256:acb34ca33bc83255110d16a749b0da618a96fcc481348ecfe614b3edcabdeaa6
COPY ./cron/projects.txt /cron/projects.txt
COPY --from=build /src/scorecard /
COPY --from=cron /src/cron/scorecardcron ./cron/cron
Expand Down
4 changes: 2 additions & 2 deletions gitcache/Dockerfile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -14,7 +14,7 @@

# syntax = docker/dockerfile:1-experimental

FROM golang:1.16 as base
FROM golang:1.16.4@sha256:6f0b0a314b158ff6caf8f12d7f6f3a966500ec6afb533e986eca7375e2f7560f AS base
WORKDIR /src
ENV CGO_ENABLED=0
COPY go.* ./
Expand All @@ -26,6 +26,6 @@ ARG TARGETOS
ARG TARGETARCH
RUN --mount=type=cache,target=/root/.cache/go-build CGO_ENABLED=0 go build -a -tags netgo -ldflags '-w -extldflags "-static"' -o /out/gitblobcache .

FROM gcr.io/distroless/base:nonroot
FROM gcr.io/distroless/base:nonroot@sha256:bc84925113289d139a9ef2f309f0dd7ac46ea7b786f172ba9084ffdb4cbd9490
COPY --from=build /out/gitblobcache /
ENTRYPOINT [ "/gitblobcache" ]

0 comments on commit 3b1c9b8

Please sign in to comment.