From 01e430e82101cfd47ff0cd296502647c056574ed Mon Sep 17 00:00:00 2001 From: Horst Gutmann Date: Tue, 16 Jan 2024 15:24:40 +0100 Subject: [PATCH] chore: Bump Alpine base image to 3.18.5 (#80540) --- .drone.yml | 70 ++++++++++++++++----------------- Dockerfile | 2 +- packaging/docker/build.sh | 2 +- pkg/build/docker/build.go | 2 +- scripts/drone/utils/images.star | 2 +- 5 files changed, 39 insertions(+), 39 deletions(-) diff --git a/.drone.yml b/.drone.yml index b2380ae67f1..9f34e4e8279 100644 --- a/.drone.yml +++ b/.drone.yml @@ -17,7 +17,7 @@ services: [] steps: - commands: - echo $DRONE_RUNNER_NAME - image: alpine:3.18.4 + image: alpine:3.18.5 name: identify-runner - commands: - go build -o ./bin/build -ldflags '-extldflags -static' ./pkg/build/cmd @@ -67,7 +67,7 @@ services: [] steps: - commands: - echo $DRONE_RUNNER_NAME - image: alpine:3.18.4 + image: alpine:3.18.5 name: identify-runner - commands: - go build -o ./bin/build -ldflags '-extldflags -static' ./pkg/build/cmd @@ -117,7 +117,7 @@ services: [] steps: - commands: - echo $DRONE_RUNNER_NAME - image: alpine:3.18.4 + image: alpine:3.18.5 name: identify-runner - commands: - yarn install --immutable @@ -217,7 +217,7 @@ steps: name: clone-enterprise - commands: - echo $DRONE_RUNNER_NAME - image: alpine:3.18.4 + image: alpine:3.18.5 name: identify-runner - commands: - yarn install --immutable @@ -307,7 +307,7 @@ steps: name: clone-enterprise - commands: - echo $DRONE_RUNNER_NAME - image: alpine:3.18.4 + image: alpine:3.18.5 name: identify-runner - commands: - '# It is required that code generated from Thema/CUE be committed and in sync @@ -392,7 +392,7 @@ services: [] steps: - commands: - echo $DRONE_RUNNER_NAME - image: alpine:3.18.4 + image: alpine:3.18.5 name: identify-runner - commands: - go build -o ./bin/build -ldflags '-extldflags -static' ./pkg/build/cmd @@ -487,7 +487,7 @@ services: [] steps: - commands: - echo $DRONE_RUNNER_NAME - image: alpine:3.18.4 + image: alpine:3.18.5 name: identify-runner - commands: - mkdir -p bin @@ -581,7 +581,7 @@ steps: GF_APP_MODE: development GF_SERVER_HTTP_PORT: "3001" GF_SERVER_ROUTER_LOGGING: "1" - image: alpine:3.18.4 + image: alpine:3.18.5 name: grafana-server - commands: - ./bin/build e2e-tests --port 3001 --suite dashboards-suite @@ -704,7 +704,7 @@ steps: - /src/grafana-build artifacts -a docker:grafana:linux/amd64 -a docker:grafana:linux/amd64:ubuntu -a docker:grafana:linux/arm64 -a docker:grafana:linux/arm64:ubuntu -a docker:grafana:linux/arm/v7 -a docker:grafana:linux/arm/v7:ubuntu --yarn-cache=$$YARN_CACHE_FOLDER --build-id=$$DRONE_BUILD_NUMBER - --ubuntu-base=ubuntu:22.04 --alpine-base=alpine:3.18.4 --tag-format='{{ .version_base + --ubuntu-base=ubuntu:22.04 --alpine-base=alpine:3.18.5 --tag-format='{{ .version_base }}-{{ .buildID }}-{{ .arch }}' --grafana-dir=$$PWD --ubuntu-tag-format='{{ .version_base }}-{{ .buildID }}-ubuntu-{{ .arch }}' > docker.txt - find ./dist -name '*docker*.tar.gz' -type f | xargs -n1 docker load -i @@ -848,7 +848,7 @@ steps: name: compile-build-cmd - commands: - echo $DRONE_RUNNER_NAME - image: alpine:3.18.4 + image: alpine:3.18.5 name: identify-runner - commands: - '# It is required that code generated from Thema/CUE be committed and in sync @@ -1033,7 +1033,7 @@ services: [] steps: - commands: - echo $DRONE_RUNNER_NAME - image: alpine:3.18.4 + image: alpine:3.18.5 name: identify-runner - commands: - yarn install --immutable @@ -1388,7 +1388,7 @@ services: [] steps: - commands: - echo $DRONE_RUNNER_NAME - image: alpine:3.18.4 + image: alpine:3.18.5 name: identify-runner - commands: - yarn install --immutable @@ -1463,7 +1463,7 @@ services: [] steps: - commands: - echo $DRONE_RUNNER_NAME - image: alpine:3.18.4 + image: alpine:3.18.5 name: identify-runner - commands: - yarn install --immutable @@ -1520,7 +1520,7 @@ services: [] steps: - commands: - echo $DRONE_RUNNER_NAME - image: alpine:3.18.4 + image: alpine:3.18.5 name: identify-runner - commands: - yarn install --immutable @@ -1588,7 +1588,7 @@ services: [] steps: - commands: - echo $DRONE_RUNNER_NAME - image: alpine:3.18.4 + image: alpine:3.18.5 name: identify-runner - commands: - '# It is required that code generated from Thema/CUE be committed and in sync @@ -1667,7 +1667,7 @@ services: [] steps: - commands: - echo $DRONE_RUNNER_NAME - image: alpine:3.18.4 + image: alpine:3.18.5 name: identify-runner - commands: - go build -o ./bin/build -ldflags '-extldflags -static' ./pkg/build/cmd @@ -1741,7 +1741,7 @@ services: [] steps: - commands: - echo $DRONE_RUNNER_NAME - image: alpine:3.18.4 + image: alpine:3.18.5 name: identify-runner - commands: - mkdir -p bin @@ -1834,7 +1834,7 @@ steps: GF_APP_MODE: development GF_SERVER_HTTP_PORT: "3001" GF_SERVER_ROUTER_LOGGING: "1" - image: alpine:3.18.4 + image: alpine:3.18.5 name: grafana-server - commands: - ./bin/build e2e-tests --port 3001 --suite dashboards-suite @@ -1993,7 +1993,7 @@ steps: - /src/grafana-build artifacts -a docker:grafana:linux/amd64 -a docker:grafana:linux/amd64:ubuntu -a docker:grafana:linux/arm64 -a docker:grafana:linux/arm64:ubuntu -a docker:grafana:linux/arm/v7 -a docker:grafana:linux/arm/v7:ubuntu --yarn-cache=$$YARN_CACHE_FOLDER --build-id=$$DRONE_BUILD_NUMBER - --ubuntu-base=ubuntu:22.04 --alpine-base=alpine:3.18.4 --tag-format='{{ .version_base + --ubuntu-base=ubuntu:22.04 --alpine-base=alpine:3.18.5 --tag-format='{{ .version_base }}-{{ .buildID }}-{{ .arch }}' --grafana-dir=$$PWD --ubuntu-tag-format='{{ .version_base }}-{{ .buildID }}-ubuntu-{{ .arch }}' > docker.txt - find ./dist -name '*docker*.tar.gz' -type f | xargs -n1 docker load -i @@ -2199,7 +2199,7 @@ steps: name: compile-build-cmd - commands: - echo $DRONE_RUNNER_NAME - image: alpine:3.18.4 + image: alpine:3.18.5 name: identify-runner - commands: - '# It is required that code generated from Thema/CUE be committed and in sync @@ -2511,7 +2511,7 @@ services: [] steps: - commands: - echo $DRONE_RUNNER_NAME - image: alpine:3.18.4 + image: alpine:3.18.5 name: identify-runner - commands: - mkdir -p bin @@ -2843,7 +2843,7 @@ steps: environment: _EXPERIMENTAL_DAGGER_CLOUD_TOKEN: from_secret: dagger_token - ALPINE_BASE: alpine:3.18.4 + ALPINE_BASE: alpine:3.18.5 CDN_DESTINATION: from_secret: rgm_cdn_destination DESTINATION: @@ -2958,7 +2958,7 @@ services: [] steps: - commands: - echo $DRONE_RUNNER_NAME - image: alpine:3.18.4 + image: alpine:3.18.5 name: identify-runner - commands: - yarn install --immutable @@ -3013,7 +3013,7 @@ services: [] steps: - commands: - echo $DRONE_RUNNER_NAME - image: alpine:3.18.4 + image: alpine:3.18.5 name: identify-runner - commands: - '# It is required that code generated from Thema/CUE be committed and in sync @@ -3094,7 +3094,7 @@ steps: environment: _EXPERIMENTAL_DAGGER_CLOUD_TOKEN: from_secret: dagger_token - ALPINE_BASE: alpine:3.18.4 + ALPINE_BASE: alpine:3.18.5 CDN_DESTINATION: from_secret: rgm_cdn_destination DESTINATION: @@ -3274,7 +3274,7 @@ steps: environment: _EXPERIMENTAL_DAGGER_CLOUD_TOKEN: from_secret: dagger_token - ALPINE_BASE: alpine:3.18.4 + ALPINE_BASE: alpine:3.18.5 CDN_DESTINATION: from_secret: rgm_cdn_destination DESTINATION: @@ -3374,7 +3374,7 @@ services: [] steps: - commands: - echo $DRONE_RUNNER_NAME - image: alpine:3.18.4 + image: alpine:3.18.5 name: identify-runner - commands: - yarn install --immutable @@ -3427,7 +3427,7 @@ services: [] steps: - commands: - echo $DRONE_RUNNER_NAME - image: alpine:3.18.4 + image: alpine:3.18.5 name: identify-runner - commands: - '# It is required that code generated from Thema/CUE be committed and in sync @@ -3506,7 +3506,7 @@ steps: environment: _EXPERIMENTAL_DAGGER_CLOUD_TOKEN: from_secret: dagger_token - ALPINE_BASE: alpine:3.18.4 + ALPINE_BASE: alpine:3.18.5 CDN_DESTINATION: from_secret: rgm_cdn_destination DESTINATION: @@ -3652,7 +3652,7 @@ steps: environment: _EXPERIMENTAL_DAGGER_CLOUD_TOKEN: from_secret: dagger_token - ALPINE_BASE: alpine:3.18.4 + ALPINE_BASE: alpine:3.18.5 CDN_DESTINATION: from_secret: rgm_cdn_destination DESTINATION: @@ -3760,7 +3760,7 @@ steps: environment: _EXPERIMENTAL_DAGGER_CLOUD_TOKEN: from_secret: dagger_token - ALPINE_BASE: alpine:3.18.4 + ALPINE_BASE: alpine:3.18.5 CDN_DESTINATION: from_secret: rgm_cdn_destination DESTINATION: @@ -3961,7 +3961,7 @@ steps: name: grabpl - commands: - echo $DRONE_RUNNER_NAME - image: alpine:3.18.4 + image: alpine:3.18.5 name: identify-runner - commands: - '# It is required that code generated from Thema/CUE be committed and in sync @@ -4453,7 +4453,7 @@ steps: - trivy --exit-code 0 --severity UNKNOWN,LOW,MEDIUM node:20.9.0-alpine - trivy --exit-code 0 --severity UNKNOWN,LOW,MEDIUM google/cloud-sdk:431.0.0 - trivy --exit-code 0 --severity UNKNOWN,LOW,MEDIUM grafana/grafana-ci-deploy:1.3.3 - - trivy --exit-code 0 --severity UNKNOWN,LOW,MEDIUM alpine:3.18.4 + - trivy --exit-code 0 --severity UNKNOWN,LOW,MEDIUM alpine:3.18.5 - trivy --exit-code 0 --severity UNKNOWN,LOW,MEDIUM ubuntu:22.04 - trivy --exit-code 0 --severity UNKNOWN,LOW,MEDIUM byrnedo/alpine-curl:0.1.8 - trivy --exit-code 0 --severity UNKNOWN,LOW,MEDIUM plugins/slack @@ -4487,7 +4487,7 @@ steps: - trivy --exit-code 1 --severity HIGH,CRITICAL node:20.9.0-alpine - trivy --exit-code 1 --severity HIGH,CRITICAL google/cloud-sdk:431.0.0 - trivy --exit-code 1 --severity HIGH,CRITICAL grafana/grafana-ci-deploy:1.3.3 - - trivy --exit-code 1 --severity HIGH,CRITICAL alpine:3.18.4 + - trivy --exit-code 1 --severity HIGH,CRITICAL alpine:3.18.5 - trivy --exit-code 1 --severity HIGH,CRITICAL ubuntu:22.04 - trivy --exit-code 1 --severity HIGH,CRITICAL byrnedo/alpine-curl:0.1.8 - trivy --exit-code 1 --severity HIGH,CRITICAL plugins/slack @@ -4731,6 +4731,6 @@ kind: secret name: gcr_credentials --- kind: signature -hmac: 0fb0bf8e3d7ea206f4e58a70ae01017d1e113a1241e78da7dd38d25f894ec04d +hmac: f5bca13f4f753f2c911b11b8a2102a51243ce8a215126d2075dc73f8b7628a4d ... diff --git a/Dockerfile b/Dockerfile index fa68ce6df08..425a675ef48 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,6 +1,6 @@ # syntax=docker/dockerfile:1 -ARG BASE_IMAGE=alpine:3.18.3 +ARG BASE_IMAGE=alpine:3.18.5 ARG JS_IMAGE=node:20-alpine3.18 ARG JS_PLATFORM=linux/amd64 ARG GO_IMAGE=golang:1.21.5-alpine3.18 diff --git a/packaging/docker/build.sh b/packaging/docker/build.sh index 5a16049d133..3c6ec7274cb 100755 --- a/packaging/docker/build.sh +++ b/packaging/docker/build.sh @@ -59,7 +59,7 @@ docker_build () { esac if [ $UBUNTU_BASE = "0" ]; then libc="-musl" - base_image="${base_arch}alpine:3.18.3" + base_image="${base_arch}alpine:3.18.5" else libc="" base_image="${base_arch}ubuntu:22.04" diff --git a/pkg/build/docker/build.go b/pkg/build/docker/build.go index 29b2263e62b..8731ab7a247 100644 --- a/pkg/build/docker/build.go +++ b/pkg/build/docker/build.go @@ -70,7 +70,7 @@ func BuildImage(version string, arch config.Architecture, grafanaDir string, use } libc := "-musl" - baseImage := fmt.Sprintf("%salpine:3.18.3", baseArch) + baseImage := fmt.Sprintf("%salpine:3.18.5", baseArch) tagSuffix := "" if useUbuntu { libc = "" diff --git a/scripts/drone/utils/images.star b/scripts/drone/utils/images.star index 8f0250e56bd..e2b672963d5 100644 --- a/scripts/drone/utils/images.star +++ b/scripts/drone/utils/images.star @@ -15,7 +15,7 @@ images = { "node": "node:{}-alpine".format(nodejs_version), "cloudsdk": "google/cloud-sdk:431.0.0", "publish": "grafana/grafana-ci-deploy:1.3.3", - "alpine": "alpine:3.18.4", + "alpine": "alpine:3.18.5", "ubuntu": "ubuntu:22.04", "curl": "byrnedo/alpine-curl:0.1.8", "plugins_slack": "plugins/slack",