diff --git a/.github/dependabot.yml b/.github/dependabot.yml index 3cecac4..7495417 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -10,3 +10,53 @@ updates: - "github/*" schedule: interval: "weekly" + + - package-ecosystem: docker + directory: /scripts/generators/docker-compose + schedule: + interval: daily + + - package-ecosystem: pip + directory: /scripts/generators/docker-compose + schedule: + interval: daily + + - package-ecosystem: docker + directory: /scripts/generators/k8s + schedule: + interval: daily + + - package-ecosystem: pip + directory: /scripts/generators/k8s + schedule: + interval: daily + + - package-ecosystem: docker + directory: /src/databases/mysql + schedule: + interval: daily + + - package-ecosystem: docker + directory: /src/loaders/curl + schedule: + interval: daily + + - package-ecosystem: docker + directory: /src/services/java + schedule: + interval: daily + + - package-ecosystem: docker + directory: /src/services/nodejs + schedule: + interval: daily + + - package-ecosystem: npm + directory: /src/services/nodejs + schedule: + interval: daily + + - package-ecosystem: maven + directory: /src/services/java + schedule: + interval: daily diff --git a/scripts/generators/docker-compose/Dockerfile b/scripts/generators/docker-compose/Dockerfile index 1a5c4c4..89f24ed 100644 --- a/scripts/generators/docker-compose/Dockerfile +++ b/scripts/generators/docker-compose/Dockerfile @@ -1,5 +1,5 @@ #checkov:skip=CKV_DOCKER_2:This is a run once container -FROM python:3.13-alpine +FROM python:3.13-alpine@sha256:b6f01a01e34091438a29b6dda4664199e34731fb2581ebb6fe255a2ebf441099 WORKDIR /app diff --git a/scripts/generators/k8s/Dockerfile b/scripts/generators/k8s/Dockerfile index bd6abbf..e7a4eeb 100644 --- a/scripts/generators/k8s/Dockerfile +++ b/scripts/generators/k8s/Dockerfile @@ -1,5 +1,5 @@ #checkov:skip=CKV_DOCKER_2:This is a run once container -FROM python:3.13-alpine +FROM python:3.13-alpine@sha256:b6f01a01e34091438a29b6dda4664199e34731fb2581ebb6fe255a2ebf441099 WORKDIR /app diff --git a/src/databases/mysql/Dockerfile b/src/databases/mysql/Dockerfile index a0a059c..4bd0a1d 100644 --- a/src/databases/mysql/Dockerfile +++ b/src/databases/mysql/Dockerfile @@ -1,6 +1,6 @@ # There is no arm64 version of mysql:5.7, so we use the amd64 version, until we migrate to mariadb. # hadolint ignore=DL3029 -FROM --platform=linux/amd64 mysql:5.7 +FROM --platform=linux/amd64 mysql:5.7@sha256:4bc6bc963e6d8443453676cae56536f4b8156d78bae03c0145cbe47c2aad73bb LABEL org.opencontainers.image.source=https://github.com/cisco-open/app-simulator LABEL org.opencontainers.image.description="mysql database for app-simulator" diff --git a/src/loaders/curl/Dockerfile b/src/loaders/curl/Dockerfile index 6fb0e49..d95e938 100644 --- a/src/loaders/curl/Dockerfile +++ b/src/loaders/curl/Dockerfile @@ -1,4 +1,4 @@ -FROM alpine:3.20.3 +FROM alpine:3.20.3@sha256:1e42bbe2508154c9126d48c2b8a75420c3544343bf86fd041fb7527e017a4b4a LABEL org.opencontainers.image.source=https://github.com/cisco-open/app-simulator LABEL org.opencontainers.image.description="curl loader for app-simulator" diff --git a/src/services/java/Dockerfile b/src/services/java/Dockerfile index b2abcf2..3bb56cf 100644 --- a/src/services/java/Dockerfile +++ b/src/services/java/Dockerfile @@ -1,10 +1,10 @@ -FROM maven:3-jdk-11 AS build +FROM maven:3-jdk-11@sha256:805f366910aea2a91ed263654d23df58bd239f218b2f9562ff51305be81fa215 AS build WORKDIR /home/app COPY src /home/app/src COPY pom.xml /home/app RUN mvn -f /home/app/pom.xml clean package -FROM openjdk:11-jre +FROM openjdk:11-jre@sha256:356949c3125c4fa8104745e7ea92bd995da4567634e6599b470d2f972d13e0e2 LABEL org.opencontainers.image.source=https://github.com/cisco-open/app-simulator LABEL org.opencontainers.image.description="java service for app-simulator" diff --git a/src/services/nodejs/Dockerfile b/src/services/nodejs/Dockerfile index 4ac565f..9bb7652 100644 --- a/src/services/nodejs/Dockerfile +++ b/src/services/nodejs/Dockerfile @@ -1,4 +1,4 @@ -FROM node:18 +FROM node:18@sha256:7f31a1eb14c61719b8bb0eaa029310cc33851f71d3578cc422b390f8096977c5 LABEL org.opencontainers.image.source=https://github.com/cisco-open/app-simulator LABEL org.opencontainers.image.description="nodejs service for app-simulator"