diff --git a/Dockerfile b/Dockerfile index 94a23527d25..c84edd62cb6 100644 --- a/Dockerfile +++ b/Dockerfile @@ -15,4 +15,4 @@ # This is used to we scrap the go version and use in CI to get the latest go version # and we use dependabot to keep the go version up to date -FROM golang:1.25.7 \ No newline at end of file +FROM golang:1.26.3 \ No newline at end of file diff --git a/Dockerfile.clients.rh b/Dockerfile.clients.rh index 41d60d7a63f..21df5d721f1 100644 --- a/Dockerfile.clients.rh +++ b/Dockerfile.clients.rh @@ -7,7 +7,7 @@ FROM quay.io/securesign/fetch-tsa-certs@sha256:ed75504f268e3daa83d89ef7e624cf02f # Provides the Trusted Artifact Signer CLI binaries, rekor-cli and ec FROM quay.io/securesign/rekor-cli@sha256:f23f930067bd07aadebad190bae7a4e46cd51f87453af2bfa1178beb83c6ce62 as rekor -FROM registry.redhat.io/rhtas/ec-rhel9:0.8-1776366841@sha256:e4dafcf2793e5bd050aff6d458bb161aa9c018f8df43a0142a8b1d6eaea78c9a as ec +FROM registry.redhat.io/rhtas/ec-rhel9:0.8-1776979197@sha256:80e7f65efc0bfabaf474f137e4584d986bbeba3303c8388cdc4c67e654d62219 as ec # Provides the Trusted Artifact Signer CLI binaries trillian-createtree and trillian-updatetree FROM quay.io/securesign/trillian-createtree@sha256:cfb85006207e79aaeaa298406b142c43197b7091396b88b3022f3b4268ef6806 as trillian-createtree @@ -15,7 +15,7 @@ FROM quay.io/securesign/trillian-updatetree@sha256:378d70fc5336e990b66d85d2dbadb FROM quay.io/securesign/cli-tuftool@sha256:8ddafda3ca282acf2837320f269938370e05f277b2e120a2e8b603820a66b67d as tuf-tool -FROM registry.redhat.io/ubi9/httpd-24@sha256:06a9ae77db5dd740511ca4dd14f53c245852ba500676869f0e38088b3ab580df +FROM registry.redhat.io/ubi9/httpd-24@sha256:42e093b23eb66a6870fe2659184ef5c8ba24c1bcf4ec3586068cac154749faff ENV APP_ROOT=/opt/app-root WORKDIR $APP_ROOT/src/ diff --git a/Dockerfile.cosign.rh b/Dockerfile.cosign.rh index 85c9659e731..d231c4ca1a3 100644 --- a/Dockerfile.cosign.rh +++ b/Dockerfile.cosign.rh @@ -1,6 +1,6 @@ # Build stage -FROM registry.redhat.io/ubi9/go-toolset:9.7-1776763740@sha256:d637b9dfccb16623f19b95c43fe5a65b20b722e62753c4445c5d02f9e40b807d AS build-env +FROM registry.redhat.io/ubi9/go-toolset:9.8-1777889793@sha256:1c1259373e6feb4b57de490452379c40888cf6e876154cd2ace17eae9c64a7ea AS build-env ENV GOEXPERIMENT=strictfipsruntime ENV CGO_ENABLED=1 @@ -26,7 +26,7 @@ RUN git config --global --add safe.directory /cosign && \ git update-index --no-assume-unchanged Dockerfile.cosign.rh # Install Cosign -FROM registry.access.redhat.com/ubi9/ubi-minimal@sha256:8e5f23f039511fbb19fcd95b7caa0bbfbf1780ed14d300c3539df6f1040e285d +FROM registry.access.redhat.com/ubi9/ubi-minimal@sha256:10c773dc96763e3201275bae7865d278ca4b91db586117adec79079a2d7cdb80 LABEL description="Cosign is a container signing tool that leverages simple, secure, and auditable signatures based on simple primitives and best practices." LABEL io.k8s.description="Cosign is a container signing tool that leverages simple, secure, and auditable signatures based on simple primitives and best practices."