From ade0a73d09cb38d91cd6ccfcdf1e408055332f47 Mon Sep 17 00:00:00 2001 From: "red-hat-konflux[bot]" <126015336+red-hat-konflux[bot]@users.noreply.github.com> Date: Tue, 12 May 2026 23:19:30 +0000 Subject: [PATCH] chore(deps): update docker images Signed-off-by: red-hat-konflux <126015336+red-hat-konflux[bot]@users.noreply.github.com> --- Dockerfile | 2 +- Dockerfile.cli-stack.rh | 4 ++-- Dockerfile.clients.rh | 4 ++-- Dockerfile.conforma-cli-stack.rh | 4 ++-- Dockerfile.cosign.rh | 4 ++-- 5 files changed, 9 insertions(+), 9 deletions(-) diff --git a/Dockerfile b/Dockerfile index 4c0da9bd593..97d18f41e63 100644 --- a/Dockerfile +++ b/Dockerfile @@ -15,4 +15,4 @@ # This is used to we scrap the go version and use in CI to get the latest go version # and we use dependabot to keep the go version up to date -FROM golang:1.25.7 +FROM golang:1.26.3 diff --git a/Dockerfile.cli-stack.rh b/Dockerfile.cli-stack.rh index 9a8bcd59aee..86bd373dfda 100644 --- a/Dockerfile.cli-stack.rh +++ b/Dockerfile.cli-stack.rh @@ -3,7 +3,7 @@ FROM --platform=linux/arm64 quay.io/securesign/cli-cosign@sha256:f7ebd95afa252 FROM --platform=linux/ppc64le quay.io/securesign/cli-cosign@sha256:76326f72e8a350b69c284db4d03ab632f2c137c6d9ae3808cedd51f1c98a1674 AS build-ppc64le FROM --platform=linux/s390x quay.io/securesign/cli-cosign@sha256:1b3078cb111c663a340668bf7c5148cb3e9fea2f0809a33b5ce247c22b462ca6 AS build-s390x -FROM registry.redhat.io/ubi9/go-toolset:9.7-1774618347@sha256:0f4f6f7868962aa75dddfe4230b664bdf77071e92c43c70c824c58450e37693f AS packager +FROM registry.redhat.io/ubi9/go-toolset:9.7-1778604137@sha256:e06a6f4c85c3ca75f64127542449c9770fb885adfb592f987c576d268ac108de AS packager USER root RUN mkdir -p /binaries @@ -47,7 +47,7 @@ RUN gzip -d /tmp/cosign-windows-amd64.exe.gz && \ rm /tmp/cosign-windows-amd64.exe # Final minimal image with all binaries -FROM registry.redhat.io/ubi9/ubi-minimal@sha256:83006d535923fcf1345067873524a3980316f51794f01d8655be55d6e9387183 +FROM registry.redhat.io/ubi9/ubi-minimal@sha256:12db9874bd753eb98b1ab3d840e75de5d6842ac0604fbd68c012adefe97140be LABEL description="Flat image containing cosign CLI binaries for all platforms and architectures" LABEL io.k8s.description="Flat image containing cosign CLI binaries for all platforms and architectures" diff --git a/Dockerfile.clients.rh b/Dockerfile.clients.rh index 482f72f8c25..aba53e38b0a 100644 --- a/Dockerfile.clients.rh +++ b/Dockerfile.clients.rh @@ -21,7 +21,7 @@ FROM --platform=linux/arm64 quay.io/securesign/rekor-cli@sha256:73a707e13c90cc53 FROM --platform=linux/ppc64le quay.io/securesign/rekor-cli@sha256:8bf706967755e6489dcc8e4e71717eef4452950c8b5184bc06336c8cc67812bf as rekor-ppc64le FROM --platform=linux/s390x quay.io/securesign/rekor-cli@sha256:44b2ded738016fae222db9319eb843612a2d67011b103ea82b9ef6b3e57ca198 as rekor-s390x -FROM registry.redhat.io/rhtas/ec-rhel9:0.8@sha256:db0c40dcc9a8ad2015af8b4d894f1434c9397a66b2919d81c1f323134d12bb5a as ec +FROM registry.redhat.io/rhtas/ec-rhel9:0.8-1776979197@sha256:52ff87e53a584265e5cdb67551e123185e3b3937cfecf2f0ac486894fc44c4d1 as ec # Provides the Trusted Artifact Signer CLI binaries trillian-createtree and trillian-updatetree FROM --platform=linux/amd64 quay.io/securesign/trillian-createtree@sha256:5a68980e9d21a069c9f4bdbc6dfdd9407d6138d017cff0efb416af51934685ba as trillian-createtree-amd64 @@ -36,7 +36,7 @@ FROM --platform=linux/s390x quay.io/securesign/trillian-updatetree@sha256:d316d3 FROM quay.io/securesign/cli-tuftool@sha256:2fbffa294cac96c7b618a23284555adec42dcb4afdaf6d90b6944541a56d9b69 as tuf-tool -FROM registry.redhat.io/ubi9/httpd-24@sha256:e7cfc9237b44ba31d78d520f1cdc1ff076bc1e1ad538bda3039cb772905e37f9 +FROM registry.redhat.io/ubi9/httpd-24@sha256:e44ddd84a5d86c800f758ae0f09ebe321ec997d0e546c80db6ea8263c6a054d8 ENV APP_ROOT=/opt/app-root WORKDIR $APP_ROOT/src/ diff --git a/Dockerfile.conforma-cli-stack.rh b/Dockerfile.conforma-cli-stack.rh index aac937bc21b..efc326c692d 100644 --- a/Dockerfile.conforma-cli-stack.rh +++ b/Dockerfile.conforma-cli-stack.rh @@ -4,7 +4,7 @@ FROM --platform=linux/ppc64le quay.io/redhat-user-workloads/rhtap-contract-tenan FROM --platform=linux/s390x quay.io/redhat-user-workloads/rhtap-contract-tenant/ec-v08/cli-v08@sha256:3e332ca617d16249f803e2eb1918189a5cc8ab1275bb03a5e8dbe3d0d329cd4f AS build-s390x -FROM registry.redhat.io/ubi9/go-toolset:9.7-1774618347@sha256:0f4f6f7868962aa75dddfe4230b664bdf77071e92c43c70c824c58450e37693f AS packager +FROM registry.redhat.io/ubi9/go-toolset:9.7-1778604137@sha256:e06a6f4c85c3ca75f64127542449c9770fb885adfb592f987c576d268ac108de AS packager USER root RUN mkdir -p /binaries @@ -49,7 +49,7 @@ RUN gzip -d /tmp/ec_windows_amd64.exe.gz && \ rm /tmp/ec_windows_amd64.exe # Final minimal image with all binaries -FROM registry.redhat.io/ubi9/ubi-minimal@sha256:83006d535923fcf1345067873524a3980316f51794f01d8655be55d6e9387183 +FROM registry.redhat.io/ubi9/ubi-minimal@sha256:12db9874bd753eb98b1ab3d840e75de5d6842ac0604fbd68c012adefe97140be LABEL description="Flat image containing Conforma CLI binaries for all platforms and architectures" LABEL io.k8s.description="Flat image containing Conforma CLI binaries for all platforms and architectures" diff --git a/Dockerfile.cosign.rh b/Dockerfile.cosign.rh index 6a857aa82d0..bf9a1292797 100644 --- a/Dockerfile.cosign.rh +++ b/Dockerfile.cosign.rh @@ -1,5 +1,5 @@ # Build stage -FROM registry.redhat.io/ubi9/go-toolset:9.7-1774618347@sha256:0f4f6f7868962aa75dddfe4230b664bdf77071e92c43c70c824c58450e37693f AS build-env +FROM registry.redhat.io/ubi9/go-toolset:9.7-1778604137@sha256:e06a6f4c85c3ca75f64127542449c9770fb885adfb592f987c576d268ac108de AS build-env ENV GOEXPERIMENT=strictfipsruntime ENV CGO_ENABLED=1 @@ -27,7 +27,7 @@ RUN git config --global --add safe.directory /cosign && \ git update-index --no-assume-unchanged Dockerfile.cosign.rh # Install Cosign -FROM registry.access.redhat.com/ubi9/ubi-minimal@sha256:83006d535923fcf1345067873524a3980316f51794f01d8655be55d6e9387183 +FROM registry.access.redhat.com/ubi9/ubi-minimal@sha256:12db9874bd753eb98b1ab3d840e75de5d6842ac0604fbd68c012adefe97140be LABEL description="Cosign is a container signing tool that leverages simple, secure, and auditable signatures based on simple primitives and best practices." LABEL io.k8s.description="Cosign is a container signing tool that leverages simple, secure, and auditable signatures based on simple primitives and best practices."