Skip to content

Commit

Permalink
Do not pin digests for Dockerfiles and docker-compose files (#8689)
Browse files Browse the repository at this point in the history
  • Loading branch information
@adutra
adutra authored Jun 3, 2024
1 parent a3233d3 commit 71283e4
Show file tree
Hide file tree
Showing 33 changed files with 46 additions and 47 deletions.
5 changes: 2 additions & 3 deletions .github/renovate.json5
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,6 @@
// Required to not pin dependencies to _exact_ versions (pip)
":preserveSemverRanges",
"group:monorepos",
"docker:pinDigests",
"helpers:pinGitHubActionDigests",
":semanticPrefixFixDepsChoreOthers",
":dependencyDashboard",
Expand All @@ -27,7 +26,7 @@
// Dockerfile for google-cloud-cli, basically no minor/patch version, daily major version updates
{
matchManagers: ["dockerfile", "devcontainer", "docker-compose"],
matchUpdateTypes: ["major", "minor", "patch", "digest"],
matchUpdateTypes: ["major", "minor", "patch"],
matchPackageNames: [
"gcr.io/google.com/cloudsdktool/google-cloud-cli"
],
Expand All @@ -38,7 +37,7 @@
// Check for updates, merge automatically
{
matchManagers: ["maven", "gradle", "gradle-wrapper", "pip_requirements", "pip_setup", "dockerfile", "devcontainer", "docker-compose"],
matchUpdateTypes: ["minor", "patch", "pin", "pinDigest", "digest"],
matchUpdateTypes: ["minor", "patch"],
automerge: true,
platformAutomerge: true,
},
Expand Down
2 changes: 1 addition & 1 deletion ...nt/src/intTest/resources/org/projectnessie/client/auth/oauth2/Dockerfile-authelia-version
View file
Original file line number Diff line number Diff line change
@@ -1,3 +1,3 @@
# Dockerfile to provide the image name and tag to a test.
# Version is managed by Renovate - do not edit.
FROM authelia/authelia:4.38@sha256:19375b10024caeef4e0b119a6247beae84cbaa02c846cfd750e92dea910d4b6a
FROM authelia/authelia:4.38
2 changes: 1 addition & 1 deletion ...nt/src/intTest/resources/org/projectnessie/client/auth/oauth2/Dockerfile-keycloak-version
View file
Original file line number Diff line number Diff line change
@@ -1,3 +1,3 @@
# Dockerfile to provide the image name and tag to a test.
# Version is managed by Renovate - do not edit.
FROM quay.io/keycloak/keycloak:24.0.4@sha256:ff02c932f0249c58f32b8ff1b188a48cc90809779a3a05931ab67f5672400ad0
FROM quay.io/keycloak/keycloak:24.0.4
2 changes: 1 addition & 1 deletion api/model/src/intTest/resources/org/projectnessie/model/Dockerfile-redocly-version
View file
Original file line number Diff line number Diff line change
@@ -1,3 +1,3 @@
# Dockerfile to provide the image name and tag to a test.
# Version is managed by Renovate - do not edit.
FROM docker.io/redocly/cli:1.14.0@sha256:fcdcfd8cb8794bac7a7fb2518d583f33e6909f374785c64a6cbb38b7aa1be410
FROM docker.io/redocly/cli:1.14.0
2 changes: 1 addition & 1 deletion ...i/src/intTest/resources/org/projectnessie/nessie/cli/commands/Dockerfile-keycloak-version
View file
Original file line number Diff line number Diff line change
@@ -1,3 +1,3 @@
# Dockerfile to provide the image name and tag to a test.
# Version is managed by Renovate - do not edit.
FROM quay.io/keycloak/keycloak:24.0.4@sha256:ff02c932f0249c58f32b8ff1b188a48cc90809779a3a05931ab67f5672400ad0
FROM quay.io/keycloak/keycloak:24.0.4
4 changes: 2 additions & 2 deletions docker/authn-authelia/docker-compose.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -24,7 +24,7 @@ version: '3'
services:

nessie:
image: ghcr.io/projectnessie/nessie:latest@sha256:7fc6cfe427db95f660f9676e10c30c5c21a91d48bf37b2ec52abb646d246b34d
image: ghcr.io/projectnessie/nessie:latest
ports:
- "19120:19120"
depends_on:
Expand All @@ -45,7 +45,7 @@ services:
retries: 15

authelia:
image: authelia/authelia:4.38@sha256:19375b10024caeef4e0b119a6247beae84cbaa02c846cfd750e92dea910d4b6a
image: authelia/authelia:4.38
ports:
- "9091:9091"
volumes:
Expand Down
4 changes: 2 additions & 2 deletions docker/authn-keycloak/docker-compose.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -24,7 +24,7 @@ version: '3'
services:

nessie:
image: ghcr.io/projectnessie/nessie:latest@sha256:7fc6cfe427db95f660f9676e10c30c5c21a91d48bf37b2ec52abb646d246b34d
image: ghcr.io/projectnessie/nessie:latest
ports:
- "19120:19120"
depends_on:
Expand All @@ -43,7 +43,7 @@ services:
retries: 15

keycloak:
image: quay.io/keycloak/keycloak:24.0.4@sha256:ff02c932f0249c58f32b8ff1b188a48cc90809779a3a05931ab67f5672400ad0
image: quay.io/keycloak/keycloak:24.0.4
ports:
- "8080:8080"
environment:
Expand Down
10 changes: 5 additions & 5 deletions docker/catalog-auth-s3-otel-jdbc/docker-compose.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -92,7 +92,7 @@ services:

# Jaeger (OpenTelemetry traces collector)
jaeger:
image: docker.io/jaegertracing/all-in-one:latest@sha256:177998a612bd025a5ed80d020392ff51fdfae586df58fc8970e419266e1bd7a8
image: docker.io/jaegertracing/all-in-one:latest
ports:
# Jaeger gRPC collector, used by Nessie
- "4317:4317"
Expand All @@ -108,7 +108,7 @@ services:

# MinIO
minio:
image: quay.io/minio/minio:RELEASE.2024-05-28T17-19-04Z@sha256:7cb3f11447d1ac7c4b73420dd8f3601afa16ea0cd7e929ecb00be1a8af1eac05
image: quay.io/minio/minio:RELEASE.2024-05-28T17-19-04Z
ports:
# API port, used by Nessie
- "9000:9000"
Expand All @@ -128,7 +128,7 @@ services:

# Create MinIO bucket
minio-setup:
image: quay.io/minio/minio:RELEASE.2024-05-28T17-19-04Z@sha256:7cb3f11447d1ac7c4b73420dd8f3601afa16ea0cd7e929ecb00be1a8af1eac05
image: quay.io/minio/minio:RELEASE.2024-05-28T17-19-04Z
depends_on:
minio:
condition: service_healthy
Expand All @@ -151,7 +151,7 @@ services:
# curl http://127.0.0.1:8080/realms/iceberg/protocol/openid-connect/token --user client2:s3cr3t -d 'grant_type=client_credentials' -d 'scope=catalog'
# curl http://127.0.0.1:8080/realms/iceberg/protocol/openid-connect/token --user client3:s3cr3t -d 'grant_type=client_credentials' -d 'scope=catalog'
keycloak:
image: quay.io/keycloak/keycloak:24.0.4@sha256:ff02c932f0249c58f32b8ff1b188a48cc90809779a3a05931ab67f5672400ad0
image: quay.io/keycloak/keycloak:24.0.4
depends_on:
- postgres
ports:
Expand Down Expand Up @@ -181,7 +181,7 @@ services:
retries: 15

postgres:
image: postgres:16.3@sha256:1bf73ccae25238fa555100080042f0b2f9be08eb757e200fe6afc1fc413a1b3c
image: postgres:16.3
ports:
- "5432:5432"
# set shared memory limit when using docker-compose
Expand Down
8 changes: 4 additions & 4 deletions docker/catalog-auth-s3-otel/docker-compose.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -87,7 +87,7 @@ services:

# Jaeger (OpenTelemetry traces collector)
jaeger:
image: docker.io/jaegertracing/all-in-one:latest@sha256:177998a612bd025a5ed80d020392ff51fdfae586df58fc8970e419266e1bd7a8
image: docker.io/jaegertracing/all-in-one:latest
ports:
# Jaeger gRPC collector, used by Nessie
- "4317:4317"
Expand All @@ -103,7 +103,7 @@ services:

# MinIO
minio:
image: quay.io/minio/minio:RELEASE.2024-05-28T17-19-04Z@sha256:7cb3f11447d1ac7c4b73420dd8f3601afa16ea0cd7e929ecb00be1a8af1eac05
image: quay.io/minio/minio:RELEASE.2024-05-28T17-19-04Z
ports:
# API port, used by Nessie
- "9000:9000"
Expand All @@ -123,7 +123,7 @@ services:

# Create MinIO bucket
minio-setup:
image: quay.io/minio/minio:RELEASE.2024-05-28T17-19-04Z@sha256:7cb3f11447d1ac7c4b73420dd8f3601afa16ea0cd7e929ecb00be1a8af1eac05
image: quay.io/minio/minio:RELEASE.2024-05-28T17-19-04Z
depends_on:
minio:
condition: service_healthy
Expand All @@ -146,7 +146,7 @@ services:
# curl http://127.0.0.1:8080/realms/iceberg/protocol/openid-connect/token --user client2:s3cr3t -d 'grant_type=client_credentials' -d 'scope=catalog'
# curl http://127.0.0.1:8080/realms/iceberg/protocol/openid-connect/token --user client3:s3cr3t -d 'grant_type=client_credentials' -d 'scope=catalog'
keycloak:
image: quay.io/keycloak/keycloak:24.0.4@sha256:ff02c932f0249c58f32b8ff1b188a48cc90809779a3a05931ab67f5672400ad0
image: quay.io/keycloak/keycloak:24.0.4
ports:
- "8080:8080"
environment:
Expand Down
4 changes: 2 additions & 2 deletions docker/dynamodb/docker-compose.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -17,7 +17,7 @@
version: '3'
services:
nessie:
image: ghcr.io/projectnessie/nessie:latest@sha256:7fc6cfe427db95f660f9676e10c30c5c21a91d48bf37b2ec52abb646d246b34d
image: ghcr.io/projectnessie/nessie:latest
ports:
- "19120:19120"
depends_on:
Expand All @@ -30,6 +30,6 @@ services:
- quarkus.dynamodb.aws.credentials.static-provider.access-key-id=fakeKeyId
- quarkus.dynamodb.aws.credentials.static-provider.secret-access-key=fakeSecretAccessKey
dynamodb:
image: amazon/dynamodb-local@sha256:22b1f856581e5c77549b319c20371c7454381d7ef039d2a386c1b0dc686573cd
image: amazon/dynamodb-local
ports:
- "8000:8000"
2 changes: 1 addition & 1 deletion docker/in_memory/docker-compose.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -17,7 +17,7 @@
version: '3'
services:
nessie:
image: ghcr.io/projectnessie/nessie:latest@sha256:7fc6cfe427db95f660f9676e10c30c5c21a91d48bf37b2ec52abb646d246b34d
image: ghcr.io/projectnessie/nessie:latest
ports:
- 19120:19120
environment:
Expand Down
4 changes: 2 additions & 2 deletions docker/mongodb/docker-compose.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -17,7 +17,7 @@
version: '3'
services:
nessie:
image: ghcr.io/projectnessie/nessie:latest@sha256:7fc6cfe427db95f660f9676e10c30c5c21a91d48bf37b2ec52abb646d246b34d
image: ghcr.io/projectnessie/nessie:latest
ports:
- "19120:19120"
depends_on:
Expand All @@ -27,7 +27,7 @@ services:
- quarkus.mongodb.database=nessie
- quarkus.mongodb.connection-string=mongodb://root:password@mongo:27017
mongo:
image: mongo@sha256:8f9f843d383e358d9be2f172ba9d2455e8736f3c59b00330da1f1b44273ce267
image: mongo
ports:
- "27017:27017"
environment:
Expand Down
4 changes: 2 additions & 2 deletions docker/telemetry/docker-compose.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@ version: "2"
services:

nessie:
image: ghcr.io/projectnessie/nessie:latest@sha256:7fc6cfe427db95f660f9676e10c30c5c21a91d48bf37b2ec52abb646d246b34d
image: ghcr.io/projectnessie/nessie:latest
ports:
- "19120:19120"
depends_on:
Expand All @@ -13,7 +13,7 @@ services:

# Jaeger
jaeger:
image: docker.io/jaegertracing/all-in-one:latest@sha256:177998a612bd025a5ed80d020392ff51fdfae586df58fc8970e419266e1bd7a8
image: docker.io/jaegertracing/all-in-one:latest
ports:
- "16686:16686" # Jaeger UI
- "4317:4317" # OTLP gRPC receiver
Expand Down
2 changes: 1 addition & 1 deletion ...-jdbc/src/intTest/resources/org/projectnessie/gc/contents/jdbc/Dockerfile-mariadb-version
View file
Original file line number Diff line number Diff line change
@@ -1,3 +1,3 @@
# Dockerfile to provide the image name and tag to a test.
# Version is managed by Renovate - do not edit.
FROM mariadb:11.4.2@sha256:a891b59da43875e5fa2e260da7901b10c5e01e63e26cc33981ffdd9ab2c50d3b
FROM mariadb:11.4.2
2 changes: 1 addition & 1 deletion ...ry-jdbc/src/intTest/resources/org/projectnessie/gc/contents/jdbc/Dockerfile-mysql-version
View file
Original file line number Diff line number Diff line change
@@ -1,3 +1,3 @@
# Dockerfile to provide the image name and tag to a test.
# Version is managed by Renovate - do not edit.
FROM mysql:8.4.0@sha256:aa021e164da6aacbefc59ed0b933427e4835636be380f3b6523f4a6c9564e1f0
FROM mysql:8.4.0
2 changes: 1 addition & 1 deletion ...jdbc/src/intTest/resources/org/projectnessie/gc/contents/jdbc/Dockerfile-postgres-version
View file
Original file line number Diff line number Diff line change
@@ -1,3 +1,3 @@
# Dockerfile to provide the image name and tag to a test.
# Version is managed by Renovate - do not edit.
FROM postgres:16.3@sha256:1bf73ccae25238fa555100080042f0b2f9be08eb757e200fe6afc1fc413a1b3c
FROM postgres:16.3
2 changes: 1 addition & 1 deletion ...container/src/main/resources/org/projectnessie/testing/azurite/Dockerfile-azurite-version
View file
Original file line number Diff line number Diff line change
@@ -1,3 +1,3 @@
# Dockerfile to provide the image name and tag to a test.
# Version is managed by Renovate - do not edit.
FROM mcr.microsoft.com/azure-storage/azurite:3.30.0@sha256:01233a6593e2f2cb3e515731f83ca720454018b80e08207f18fa691b71bd054d
FROM mcr.microsoft.com/azure-storage/azurite:3.30.0
2 changes: 1 addition & 1 deletion ...ainer/src/main/resources/org/projectnessie/testing/gcs/Dockerfile-fake-gcs-server-version
View file
Original file line number Diff line number Diff line change
@@ -1,3 +1,3 @@
# Dockerfile to provide the image name and tag to a test.
# Version is managed by Renovate - do not edit.
FROM docker.io/fsouza/fake-gcs-server:1.49.1@sha256:2ac1a4d8eaa827cb9fe8794ea0690a4606d025666b7b032ad2896b91e675ec72
FROM docker.io/fsouza/fake-gcs-server:1.49.1
2 changes: 1 addition & 1 deletion ...ntainer/src/main/resources/org/projectnessie/testing/keycloak/Dockerfile-keycloak-version
View file
Original file line number Diff line number Diff line change
@@ -1,3 +1,3 @@
# Dockerfile to provide the image name and tag to a test.
# Version is managed by Renovate - do not edit.
FROM quay.io/keycloak/keycloak:24.0.4@sha256:ff02c932f0249c58f32b8ff1b188a48cc90809779a3a05931ab67f5672400ad0
FROM quay.io/keycloak/keycloak:24.0.4
2 changes: 1 addition & 1 deletion testing/minio-container/src/main/resources/org/projectnessie/minio/Dockerfile-minio-version
View file
Original file line number Diff line number Diff line change
@@ -1,3 +1,3 @@
# Dockerfile to provide the image name and tag to a test.
# Version is managed by Renovate - do not edit.
FROM quay.io/minio/minio:RELEASE.2024-05-28T17-19-04Z@sha256:7cb3f11447d1ac7c4b73420dd8f3601afa16ea0cd7e929ecb00be1a8af1eac05
FROM quay.io/minio/minio:RELEASE.2024-05-28T17-19-04Z
2 changes: 1 addition & 1 deletion ...e-container/src/main/resources/org/projectnessie/testing/nessie/Dockerfile-nessie-version
View file
Original file line number Diff line number Diff line change
@@ -1,3 +1,3 @@
# Dockerfile to provide the image name and tag to a test.
# Version is managed by Renovate - do not edit.
FROM ghcr.io/projectnessie/nessie:0.83.2@sha256:7fc6cfe427db95f660f9676e10c30c5c21a91d48bf37b2ec52abb646d246b34d
FROM ghcr.io/projectnessie/nessie:0.83.2
2 changes: 1 addition & 1 deletion tools/dockerbuild/docker/Dockerfile-admintool
View file
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
FROM registry.access.redhat.com/ubi9/openjdk-21-runtime:1.18-4@sha256:399a4169b3474e949597390191faab28f404e4cacc816de1b33fa389b48f929f
FROM registry.access.redhat.com/ubi9/openjdk-21-runtime:1.18-4

LABEL org.opencontainers.image.source=https://github.com/projectnessie/nessie
LABEL org.opencontainers.image.description="Projectnessie Sever Admin Tool"
Expand Down
2 changes: 1 addition & 1 deletion tools/dockerbuild/docker/Dockerfile-gctool
View file
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
FROM registry.access.redhat.com/ubi9/openjdk-21-runtime:1.18-4@sha256:399a4169b3474e949597390191faab28f404e4cacc816de1b33fa389b48f929f
FROM registry.access.redhat.com/ubi9/openjdk-21-runtime:1.18-4

LABEL org.opencontainers.image.source=https://github.com/projectnessie/nessie
LABEL org.opencontainers.image.description="Projectnessie GC Tool"
Expand Down
2 changes: 1 addition & 1 deletion tools/dockerbuild/docker/Dockerfile-server
View file
Original file line number Diff line number Diff line change
Expand Up @@ -20,7 +20,7 @@
# (See site/docs/try/configuration.md)
#
###
FROM registry.access.redhat.com/ubi9/openjdk-21-runtime:1.18-4@sha256:399a4169b3474e949597390191faab28f404e4cacc816de1b33fa389b48f929f
FROM registry.access.redhat.com/ubi9/openjdk-21-runtime:1.18-4

LABEL org.opencontainers.image.source=https://github.com/projectnessie/nessie
LABEL org.opencontainers.image.description="Projectnessie Nessie Core Server"
Expand Down
2 changes: 1 addition & 1 deletion ...ces/org/projectnessie/versioned/storage/bigtabletests/Dockerfile-google-cloud-sdk-version
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,4 +2,4 @@
# Version is managed by Renovate - do not edit.
# See https://cloud.google.com/sdk/docs/downloads-docker#docker_image_options
# Use debian_component_based because it supports linux/arm
FROM gcr.io/google.com/cloudsdktool/google-cloud-cli:478.0.0-debian_component_based@sha256:e4f2f9dd2ebdc27e8154ab400925cd65de708c9e7b30c1807341f66daff0fde7
FROM gcr.io/google.com/cloudsdktool/google-cloud-cli:478.0.0-debian_component_based
2 changes: 1 addition & 1 deletion ...resources/org/projectnessie/versioned/storage/cassandratests/Dockerfile-cassandra-version
View file
Original file line number Diff line number Diff line change
@@ -1,3 +1,3 @@
# Dockerfile to provide the image name and tag to a test.
# Version is managed by Renovate - do not edit.
FROM docker.io/cassandra:5.0@sha256:3869be6ad2d0819542ccb4e1ebd4c2239e5fd756eaea821c5c81c02487a2c365
FROM docker.io/cassandra:5.0
2 changes: 1 addition & 1 deletion .../resources/org/projectnessie/versioned/storage/cassandratests/Dockerfile-scylladb-version
View file
Original file line number Diff line number Diff line change
@@ -1,3 +1,3 @@
# Dockerfile to provide the image name and tag to a test.
# Version is managed by Renovate - do not edit.
FROM docker.io/scylladb/scylla:5.4.6@sha256:f479b2dc70e0dc6684a606d0f76c129829c9b847521a50168ae2dd92a4ef011e
FROM docker.io/scylladb/scylla:5.4.6
2 changes: 1 addition & 1 deletion ...urces/org/projectnessie/versioned/storage/dynamodbtests/Dockerfile-dynamodb-local-version
View file
Original file line number Diff line number Diff line change
@@ -1,3 +1,3 @@
# Dockerfile to provide the image name and tag to a test.
# Version is managed by Renovate - do not edit.
FROM docker.io/amazon/dynamodb-local:2.5.0@sha256:22b1f856581e5c77549b319c20371c7454381d7ef039d2a386c1b0dc686573cd
FROM docker.io/amazon/dynamodb-local:2.5.0
2 changes: 1 addition & 1 deletion ...main/resources/org/projectnessie/versioned/storage/jdbctests/Dockerfile-cockroach-version
View file
Original file line number Diff line number Diff line change
@@ -1,3 +1,3 @@
# Dockerfile to provide the image name and tag to a test.
# Version is managed by Renovate - do not edit.
FROM cockroachdb/cockroach:v23.2.5@sha256:e48162e1a7dd7611dc87bd06c145aa22b7a6f98f6fa046c1884e58ebd82d9d51
FROM cockroachdb/cockroach:v23.2.5
2 changes: 1 addition & 1 deletion ...c/main/resources/org/projectnessie/versioned/storage/jdbctests/Dockerfile-mariadb-version
View file
Original file line number Diff line number Diff line change
@@ -1,3 +1,3 @@
# Dockerfile to provide the image name and tag to a test.
# Version is managed by Renovate - do not edit.
FROM mariadb:11.4.2@sha256:a891b59da43875e5fa2e260da7901b10c5e01e63e26cc33981ffdd9ab2c50d3b
FROM mariadb:11.4.2
2 changes: 1 addition & 1 deletion ...src/main/resources/org/projectnessie/versioned/storage/jdbctests/Dockerfile-mysql-version
View file
Original file line number Diff line number Diff line change
@@ -1,3 +1,3 @@
# Dockerfile to provide the image name and tag to a test.
# Version is managed by Renovate - do not edit.
FROM mysql:8.4.0@sha256:aa021e164da6aacbefc59ed0b933427e4835636be380f3b6523f4a6c9564e1f0
FROM mysql:8.4.0
2 changes: 1 addition & 1 deletion .../main/resources/org/projectnessie/versioned/storage/jdbctests/Dockerfile-postgres-version
View file
Original file line number Diff line number Diff line change
@@ -1,3 +1,3 @@
# Dockerfile to provide the image name and tag to a test.
# Version is managed by Renovate - do not edit.
FROM postgres:16.3@sha256:1bf73ccae25238fa555100080042f0b2f9be08eb757e200fe6afc1fc413a1b3c
FROM postgres:16.3
2 changes: 1 addition & 1 deletion ...ain/resources/org/projectnessie/versioned/storage/mongodbtests/Dockerfile-mongodb-version
View file
Original file line number Diff line number Diff line change
@@ -1,3 +1,3 @@
# Dockerfile to provide the image name and tag to a test.
# Version is managed by Renovate - do not edit.
FROM mongo:7.0.11@sha256:8f9f843d383e358d9be2f172ba9d2455e8736f3c59b00330da1f1b44273ce267
FROM mongo:7.0.11

0 comments on commit 71283e4

Please sign in to comment.