Skip to content

Commit

Permalink
fix(build): pin all usage of cloud-sdk image (#2484)
Browse files Browse the repository at this point in the history 
A recent apparent GCS performance regression in the Cloud SDK
highlighted uncontrolled upgrading of the Cloud SDK Docker image. Pin
everything to what #2480 pinned to for stability.
  • Loading branch information
@andrewpollock
andrewpollock authored Aug 16, 2024
1 parent 325bd9e commit f7c148f
Show file tree
Hide file tree
Showing 8 changed files with 8 additions and 8 deletions.
2 changes: 1 addition & 1 deletion docker/terraform/Dockerfile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,7 @@ ARG TERRAFORM_VERSION
WORKDIR /build/
RUN GOBIN=$(pwd) go install github.com/hashicorp/terraform@v${TERRAFORM_VERSION}

FROM gcr.io/google.com/cloudsdktool/cloud-sdk:alpine
FROM gcr.io/google.com/cloudsdktool/google-cloud-cli:alpine@sha256:d5da0344b23d03a6f2728657732c7a60300a91acaad9b8076c6fd30b1dfe1ff4

COPY --from=GO_BUILD /build/terraform /usr/bin/terraform
COPY entrypoint.bash /builder/entrypoint.bash
Expand Down
2 changes: 1 addition & 1 deletion vulnfeeds/cmd/alpine/Dockerfile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -25,7 +25,7 @@ COPY ./ /src/
RUN go build -o alpine-osv ./cmd/alpine/


FROM gcr.io/google.com/cloudsdktool/google-cloud-cli:alpine
FROM gcr.io/google.com/cloudsdktool/google-cloud-cli:alpine@sha256:d5da0344b23d03a6f2728657732c7a60300a91acaad9b8076c6fd30b1dfe1ff4

WORKDIR /root/
COPY --from=GO_BUILD /src/alpine-osv ./
Expand Down
2 changes: 1 addition & 1 deletion vulnfeeds/cmd/cpe-repo-gen/Dockerfile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -24,7 +24,7 @@ RUN go mod download
COPY ./ /src/
RUN CGO_ENABLED=0 go build -o cpe-repo-gen ./cmd/cpe-repo-gen

FROM gcr.io/google.com/cloudsdktool/google-cloud-cli:alpine
FROM gcr.io/google.com/cloudsdktool/google-cloud-cli:alpine@sha256:d5da0344b23d03a6f2728657732c7a60300a91acaad9b8076c6fd30b1dfe1ff4

COPY --from=GO_BUILD /src/cpe-repo-gen ./
COPY ./cmd/cpe-repo-gen/cpe-repo-gen_map.sh ./
Expand Down
2 changes: 1 addition & 1 deletion vulnfeeds/cmd/debian-copyright-mirror/Dockerfile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -12,7 +12,7 @@
# See the License for the specific language governing permissions and
# limitations under the License.

FROM gcr.io/google.com/cloudsdktool/google-cloud-cli:alpine
FROM gcr.io/google.com/cloudsdktool/google-cloud-cli:alpine@sha256:d5da0344b23d03a6f2728657732c7a60300a91acaad9b8076c6fd30b1dfe1ff4

RUN apk add wget

Expand Down
2 changes: 1 addition & 1 deletion vulnfeeds/cmd/debian/Dockerfile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -25,7 +25,7 @@ COPY ./ /src/
RUN go build -o debian-osv ./cmd/debian/


FROM gcr.io/google.com/cloudsdktool/google-cloud-cli:alpine
FROM gcr.io/google.com/cloudsdktool/google-cloud-cli:alpine@sha256:d5da0344b23d03a6f2728657732c7a60300a91acaad9b8076c6fd30b1dfe1ff4

WORKDIR /root/
COPY --from=GO_BUILD /src/debian-osv ./
Expand Down
2 changes: 1 addition & 1 deletion vulnfeeds/cmd/download-cves/Dockerfile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -24,7 +24,7 @@ RUN go mod download
COPY ./ /src/
RUN go build -o download-cves ./cmd/download-cves/

FROM gcr.io/google.com/cloudsdktool/google-cloud-cli:alpine
FROM gcr.io/google.com/cloudsdktool/google-cloud-cli:alpine@sha256:d5da0344b23d03a6f2728657732c7a60300a91acaad9b8076c6fd30b1dfe1ff4
RUN apk --no-cache add jq

WORKDIR /usr/local/bin
Expand Down
2 changes: 1 addition & 1 deletion vulnfeeds/cmd/nvd-cve-osv/Dockerfile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -22,7 +22,7 @@ RUN go mod download && go mod verify
COPY . .
RUN CGO_ENABLED=0 go build -v -o /usr/local/bin ./cmd/nvd-cve-osv ./cmd/download-cves

FROM gcr.io/google.com/cloudsdktool/google-cloud-cli:alpine AS runtime
FROM gcr.io/google.com/cloudsdktool/google-cloud-cli:alpine@sha256:d5da0344b23d03a6f2728657732c7a60300a91acaad9b8076c6fd30b1dfe1ff4 AS runtime
RUN apk --no-cache add jq

COPY --from=GO_BUILD /usr/local/bin/ ./usr/local/bin/
Expand Down
2 changes: 1 addition & 1 deletion vulnfeeds/tools/debian/Dockerfile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -12,7 +12,7 @@
# See the License for the specific language governing permissions and
# limitations under the License.

FROM google/cloud-sdk:449.0.0-alpine
FROM gcr.io/google.com/cloudsdktool/google-cloud-cli:alpine@sha256:d5da0344b23d03a6f2728657732c7a60300a91acaad9b8076c6fd30b1dfe1ff4

# Keep the virtualenv directly in the project directory. This isn't strictly neccesary for
# this project as it runs on kubernetes, but it keeps it consistent with other cloud run images
Expand Down

0 comments on commit f7c148f

Please sign in to comment.