Merge pull request #11406 from ajayk/revert-digests

revert image digests to sdk version sha256:5e5f5db761209c250b5fd5670e…
wolfi-dev · Jan 18, 2024 · 1e4eb73 · 1e4eb73
2 parents c5fdd48 + dc2bf13
commit 1e4eb73
Show file tree

Hide file tree

Showing 5 changed files with 10 additions and 10 deletions.
diff --git a/.github/workflows/build-world.yaml b/.github/workflows/build-world.yaml
@@ -24,7 +24,7 @@ jobs:
     # permissions:
 
     container:
-      image: ghcr.io/wolfi-dev/sdk:latest@sha256:23b783a9420d2a659e0517718dfbc58b6d3c6b1503334fa20781d4edebd7f850
+      image: ghcr.io/wolfi-dev/sdk:latest@sha256:5e5f5db761209c250b5fd5670ed9820efcca39d87889c93fe3eeae4873f43c14
       # TODO: Deprivilege
       options: |
         --cap-add NET_ADMIN --cap-add SYS_ADMIN --device /dev/fuse --security-opt seccomp=unconfined --security-opt apparmor:unconfined

diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml
@@ -29,7 +29,7 @@ jobs:
       contents: read
 
     container:
-      image: ghcr.io/wolfi-dev/sdk:latest@sha256:23b783a9420d2a659e0517718dfbc58b6d3c6b1503334fa20781d4edebd7f850
+      image: ghcr.io/wolfi-dev/sdk:latest@sha256:5e5f5db761209c250b5fd5670ed9820efcca39d87889c93fe3eeae4873f43c14
       # TODO: Deprivilege
       options: |
         --cap-add NET_ADMIN --cap-add SYS_ADMIN --device /dev/fuse --security-opt seccomp=unconfined --security-opt apparmor:unconfined
@@ -142,7 +142,7 @@ jobs:
 
     container:
       # NOTE: This step only signs and uploads, so it doesn't need any privileges
-      image: ghcr.io/wolfi-dev/sdk:latest@sha256:23b783a9420d2a659e0517718dfbc58b6d3c6b1503334fa20781d4edebd7f850
+      image: ghcr.io/wolfi-dev/sdk:latest@sha256:5e5f5db761209c250b5fd5670ed9820efcca39d87889c93fe3eeae4873f43c14
 
     steps:
       - uses: actions/checkout@v4
@@ -241,7 +241,7 @@ jobs:
 
     container:
       # NOTE: This step only signs and uploads, so it doesn't need any privileges
-      image: ghcr.io/wolfi-dev/sdk:latest@sha256:23b783a9420d2a659e0517718dfbc58b6d3c6b1503334fa20781d4edebd7f850
+      image: ghcr.io/wolfi-dev/sdk:latest@sha256:5e5f5db761209c250b5fd5670ed9820efcca39d87889c93fe3eeae4873f43c14
 
     steps:
       - uses: actions/checkout@v4

diff --git a/.github/workflows/ci-build.yaml b/.github/workflows/ci-build.yaml
@@ -33,7 +33,7 @@ jobs:
         run: |
           # Copy wolfictl out of the wolfictl image and onto PATH
           TMP=$(mktemp -d)
-          docker run --rm -i -v $TMP:/out --entrypoint /bin/sh ghcr.io/wolfi-dev/sdk:latest@sha256:23b783a9420d2a659e0517718dfbc58b6d3c6b1503334fa20781d4edebd7f850 -c "cp /usr/bin/wolfictl /out"
+          docker run --rm -i -v $TMP:/out --entrypoint /bin/sh ghcr.io/wolfi-dev/sdk:latest@sha256:5e5f5db761209c250b5fd5670ed9820efcca39d87889c93fe3eeae4873f43c14 -c "cp /usr/bin/wolfictl /out"
           echo "$TMP" >> $GITHUB_PATH
 
       # Assuming that we have a list of changed files such as `foo.yaml` and `bar.yaml`, this
@@ -70,7 +70,7 @@ jobs:
       group: wolfi-builder-${{ matrix.arch }}
     needs: changes
     container:
-      image: ghcr.io/wolfi-dev/sdk:latest@sha256:23b783a9420d2a659e0517718dfbc58b6d3c6b1503334fa20781d4edebd7f850
+      image: ghcr.io/wolfi-dev/sdk:latest@sha256:5e5f5db761209c250b5fd5670ed9820efcca39d87889c93fe3eeae4873f43c14
       options: |
         --cap-add NET_ADMIN --cap-add SYS_ADMIN --security-opt seccomp=unconfined --security-opt apparmor:unconfined
     outputs:
@@ -155,7 +155,7 @@ jobs:
     name: "ABI Compatibility check"
     runs-on: ubuntu-latest
     container:
-      image: ghcr.io/wolfi-dev/sdk:latest@sha256:23b783a9420d2a659e0517718dfbc58b6d3c6b1503334fa20781d4edebd7f850
+      image: ghcr.io/wolfi-dev/sdk:latest@sha256:5e5f5db761209c250b5fd5670ed9820efcca39d87889c93fe3eeae4873f43c14
     needs: build
     if: needs.build.outputs.packages_were_built == 'true'
 
@@ -193,7 +193,7 @@ jobs:
     name: "Scan packages for CVEs"
     runs-on: ubuntu-latest
     container:
-      image: ghcr.io/wolfi-dev/sdk:latest@sha256:23b783a9420d2a659e0517718dfbc58b6d3c6b1503334fa20781d4edebd7f850
+      image: ghcr.io/wolfi-dev/sdk:latest@sha256:5e5f5db761209c250b5fd5670ed9820efcca39d87889c93fe3eeae4873f43c14
     needs: build
     if: needs.build.outputs.packages_were_built == 'true'
 

diff --git a/.github/workflows/lint-world.yaml b/.github/workflows/lint-world.yaml
@@ -29,7 +29,7 @@ jobs:
       group: wolfi-os-builder-${{ matrix.arch }}
 
     container:
-      image: ghcr.io/wolfi-dev/sdk:latest@sha256:23b783a9420d2a659e0517718dfbc58b6d3c6b1503334fa20781d4edebd7f850
+      image: ghcr.io/wolfi-dev/sdk:latest@sha256:5e5f5db761209c250b5fd5670ed9820efcca39d87889c93fe3eeae4873f43c14
 
     steps:
       - uses: actions/checkout@v4

diff --git a/.github/workflows/withdraw-packages.yaml b/.github/workflows/withdraw-packages.yaml
@@ -22,7 +22,7 @@ jobs:
         run: |
           # Copy wolfictl out of the wolfictl image and onto PATH
           TMP=$(mktemp -d)
-          docker run --rm -i -v $TMP:/out --entrypoint /bin/sh ghcr.io/wolfi-dev/sdk:latest@sha256:23b783a9420d2a659e0517718dfbc58b6d3c6b1503334fa20781d4edebd7f850 -c "cp /usr/bin/wolfictl /out"
+          docker run --rm -i -v $TMP:/out --entrypoint /bin/sh ghcr.io/wolfi-dev/sdk:latest@sha256:5e5f5db761209c250b5fd5670ed9820efcca39d87889c93fe3eeae4873f43c14 -c "cp /usr/bin/wolfictl /out"
           echo "$TMP" >> $GITHUB_PATH
 
       - name: 'Authenticate to Google Cloud'