Merge pull request #15758 from wolfi-dev/update-digests

wolfi-dev · Mar 26, 2024 · 7cf6c16 · 7cf6c16
2 parents 60f7da3 + 0660b56
commit 7cf6c16
Show file tree

Hide file tree

Showing 8 changed files with 15 additions and 15 deletions.
diff --git a/.github/actions/docker-run/action.yaml b/.github/actions/docker-run/action.yaml
@@ -6,7 +6,7 @@ inputs:
     required: true
   image:
     description: "The image to use"
-    default: "ghcr.io/wolfi-dev/sdk:latest@sha256:e6a5c2448f299cff0229fb20f9747a3acf8723d33103a1bf9113c50937a0baca"
+    default: "ghcr.io/wolfi-dev/sdk:latest@sha256:7d890587cf4912e9753f77e0e7ca81049d9172d46f17c0748bb5b7638a282ffb"
     required: false
   workdir:
     description: "The images working directory"

diff --git a/.github/workflows/build-beta.yaml b/.github/workflows/build-beta.yaml
@@ -138,7 +138,7 @@ jobs:
 
     container:
       # NOTE: This step only signs and uploads, so it doesn't need any privileges
-      image: ghcr.io/wolfi-dev/sdk:latest@sha256:e6a5c2448f299cff0229fb20f9747a3acf8723d33103a1bf9113c50937a0baca
+      image: ghcr.io/wolfi-dev/sdk:latest@sha256:7d890587cf4912e9753f77e0e7ca81049d9172d46f17c0748bb5b7638a282ffb
 
     steps:
       - uses: actions/checkout@v4

diff --git a/.github/workflows/build-old.yaml b/.github/workflows/build-old.yaml
@@ -23,7 +23,7 @@ jobs:
       contents: read
 
     container:
-      image: ghcr.io/wolfi-dev/sdk:latest@sha256:e6a5c2448f299cff0229fb20f9747a3acf8723d33103a1bf9113c50937a0baca
+      image: ghcr.io/wolfi-dev/sdk:latest@sha256:7d890587cf4912e9753f77e0e7ca81049d9172d46f17c0748bb5b7638a282ffb
       # TODO: Deprivilege
       options: |
         --cap-add NET_ADMIN --cap-add SYS_ADMIN --device /dev/fuse --security-opt seccomp=unconfined --security-opt apparmor:unconfined
@@ -136,7 +136,7 @@ jobs:
 
     container:
       # NOTE: This step only signs and uploads, so it doesn't need any privileges
-      image: ghcr.io/wolfi-dev/sdk:latest@sha256:e6a5c2448f299cff0229fb20f9747a3acf8723d33103a1bf9113c50937a0baca
+      image: ghcr.io/wolfi-dev/sdk:latest@sha256:7d890587cf4912e9753f77e0e7ca81049d9172d46f17c0748bb5b7638a282ffb
 
     steps:
       - uses: actions/checkout@v4
@@ -254,7 +254,7 @@ jobs:
 
     container:
       # NOTE: This step only signs and uploads, so it doesn't need any privileges
-      image: ghcr.io/wolfi-dev/sdk:latest@sha256:e6a5c2448f299cff0229fb20f9747a3acf8723d33103a1bf9113c50937a0baca
+      image: ghcr.io/wolfi-dev/sdk:latest@sha256:7d890587cf4912e9753f77e0e7ca81049d9172d46f17c0748bb5b7638a282ffb
 
     steps:
       - uses: actions/checkout@v4

diff --git a/.github/workflows/build-world.yaml b/.github/workflows/build-world.yaml
@@ -24,7 +24,7 @@ jobs:
     # permissions:
 
     container:
-      image: ghcr.io/wolfi-dev/sdk:latest@sha256:e6a5c2448f299cff0229fb20f9747a3acf8723d33103a1bf9113c50937a0baca
+      image: ghcr.io/wolfi-dev/sdk:latest@sha256:7d890587cf4912e9753f77e0e7ca81049d9172d46f17c0748bb5b7638a282ffb
       # TODO: Deprivilege
       options: |
         --cap-add NET_ADMIN --cap-add SYS_ADMIN --device /dev/fuse --security-opt seccomp=unconfined --security-opt apparmor:unconfined

diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml
@@ -29,7 +29,7 @@ jobs:
       contents: read
 
     container:
-      image: ghcr.io/wolfi-dev/sdk:latest@sha256:e6a5c2448f299cff0229fb20f9747a3acf8723d33103a1bf9113c50937a0baca
+      image: ghcr.io/wolfi-dev/sdk:latest@sha256:7d890587cf4912e9753f77e0e7ca81049d9172d46f17c0748bb5b7638a282ffb
       # TODO: Deprivilege
       options: |
         --cap-add NET_ADMIN --cap-add SYS_ADMIN --device /dev/fuse --security-opt seccomp=unconfined --security-opt apparmor:unconfined
@@ -170,7 +170,7 @@ jobs:
 
     container:
       # NOTE: This step only signs and uploads, so it doesn't need any privileges
-      image: ghcr.io/wolfi-dev/sdk:latest@sha256:e6a5c2448f299cff0229fb20f9747a3acf8723d33103a1bf9113c50937a0baca
+      image: ghcr.io/wolfi-dev/sdk:latest@sha256:7d890587cf4912e9753f77e0e7ca81049d9172d46f17c0748bb5b7638a282ffb
 
     steps:
       - uses: actions/checkout@v4
@@ -288,7 +288,7 @@ jobs:
 
     container:
       # NOTE: This step only signs and uploads, so it doesn't need any privileges
-      image: ghcr.io/wolfi-dev/sdk:latest@sha256:e6a5c2448f299cff0229fb20f9747a3acf8723d33103a1bf9113c50937a0baca
+      image: ghcr.io/wolfi-dev/sdk:latest@sha256:7d890587cf4912e9753f77e0e7ca81049d9172d46f17c0748bb5b7638a282ffb
 
     steps:
       - uses: actions/checkout@v4

diff --git a/.github/workflows/ci-build.yaml b/.github/workflows/ci-build.yaml
@@ -33,7 +33,7 @@ jobs:
         run: |
           # Copy wolfictl out of the wolfictl image and onto PATH
           TMP=$(mktemp -d)
-          docker run --rm -i -v $TMP:/out --entrypoint /bin/sh ghcr.io/wolfi-dev/sdk:latest@sha256:e6a5c2448f299cff0229fb20f9747a3acf8723d33103a1bf9113c50937a0baca -c "cp /usr/bin/wolfictl /out"
+          docker run --rm -i -v $TMP:/out --entrypoint /bin/sh ghcr.io/wolfi-dev/sdk:latest@sha256:7d890587cf4912e9753f77e0e7ca81049d9172d46f17c0748bb5b7638a282ffb -c "cp /usr/bin/wolfictl /out"
           echo "$TMP" >> $GITHUB_PATH
 
       # Assuming that we have a list of changed files such as `foo.yaml` and `bar.yaml`, this
@@ -236,7 +236,7 @@ jobs:
     name: "ABI Compatibility check"
     runs-on: ubuntu-latest
     container:
-      image: ghcr.io/wolfi-dev/sdk:latest@sha256:e6a5c2448f299cff0229fb20f9747a3acf8723d33103a1bf9113c50937a0baca
+      image: ghcr.io/wolfi-dev/sdk:latest@sha256:7d890587cf4912e9753f77e0e7ca81049d9172d46f17c0748bb5b7638a282ffb
     needs: build
     if: needs.build.outputs.packages_were_built == 'true'
 
@@ -275,7 +275,7 @@ jobs:
     name: "Scan packages for CVEs"
     runs-on: ubuntu-latest
     container:
-      image: ghcr.io/wolfi-dev/sdk:latest@sha256:e6a5c2448f299cff0229fb20f9747a3acf8723d33103a1bf9113c50937a0baca
+      image: ghcr.io/wolfi-dev/sdk:latest@sha256:7d890587cf4912e9753f77e0e7ca81049d9172d46f17c0748bb5b7638a282ffb
     needs: build
     if: needs.build.outputs.packages_were_built == 'true'
 

diff --git a/.github/workflows/lint-world.yaml b/.github/workflows/lint-world.yaml
@@ -29,7 +29,7 @@ jobs:
       group: wolfi-os-builder-${{ matrix.arch }}
 
     container:
-      image: ghcr.io/wolfi-dev/sdk:latest@sha256:e6a5c2448f299cff0229fb20f9747a3acf8723d33103a1bf9113c50937a0baca
+      image: ghcr.io/wolfi-dev/sdk:latest@sha256:7d890587cf4912e9753f77e0e7ca81049d9172d46f17c0748bb5b7638a282ffb
 
     steps:
       - uses: actions/checkout@v4

diff --git a/Makefile b/Makefile
@@ -187,7 +187,7 @@ dev-container:
 	    -v "${PWD}:${PWD}" \
 	    -w "${PWD}" \
 	    -e SOURCE_DATE_EPOCH=0 \
-	    ghcr.io/wolfi-dev/sdk:latest@sha256:e6a5c2448f299cff0229fb20f9747a3acf8723d33103a1bf9113c50937a0baca
+	    ghcr.io/wolfi-dev/sdk:latest@sha256:7d890587cf4912e9753f77e0e7ca81049d9172d46f17c0748bb5b7638a282ffb
 
 PACKAGES_CONTAINER_FOLDER ?= /work/packages
 TMP_REPOSITORIES_DIR := $(shell mktemp -d)
@@ -252,6 +252,6 @@ dev-container-wolfi:
 		--mount type=bind,source="${PWD}/local-melange.rsa.pub",destination="/etc/apk/keys/local-melange.rsa.pub",readonly \
 		--mount type=bind,source="$(TMP_REPOSITORIES_FILE)",destination="/etc/apk/repositories",readonly \
 		-w "$(PACKAGES_CONTAINER_FOLDER)" \
-		ghcr.io/wolfi-dev/sdk:latest@sha256:e6a5c2448f299cff0229fb20f9747a3acf8723d33103a1bf9113c50937a0baca
+		ghcr.io/wolfi-dev/sdk:latest@sha256:7d890587cf4912e9753f77e0e7ca81049d9172d46f17c0748bb5b7638a282ffb
 	@rm "$(TMP_REPOSITORIES_FILE)"
 	@rmdir "$(TMP_REPOSITORIES_DIR)"