chore(ci): Add Docker paths via globs to dependabot and update Dockerfiles to pin sha256 (#1960)

* Add Docker paths to dependabot and update Dockerfiles to pin image version.

* Remove dependabot auto-merging workflow.

Author: phipag

.github/dependabot.yml

@@ -9,11 +9,13 @@ updates:
 
   - package-ecosystem: docker
     directories:
-      - "/powertools-e2e-tests"
-      - "/examples"
-    labels: [ ]
+      - "/powertools-e2e-tests/src/test/resources/docker"
+      - "/docs"
+      - "/examples/**"
     schedule:
       interval: daily
+    commit-message:
+      prefix: chore
 
   - package-ecosystem: "maven"
     directory: "/"

.github/workflows/security-dependabot.yml

@@ -1,5 +1,5 @@
 #Use the official AWS SAM base image for Java 21
-FROM public.ecr.aws/sam/build-java21:latest
+FROM public.ecr.aws/sam/build-java21@sha256:a5554d68374e19450c6c88448516ac95a9acedc779f318040f5c230134b4e461
 
 #Install GraalVM dependencies
 RUN curl -4 -L curl https://download.oracle.com/graalvm/21/latest/graalvm-jdk-21_linux-x64_bin.tar.gz | tar -xvz

examples/powertools-examples-core-utilities/sam-graalvm/Dockerfile

@@ -1,5 +1,5 @@
 #Use the official AWS SAM base image for Java 21
-FROM public.ecr.aws/sam/build-java21:latest
+FROM public.ecr.aws/sam/build-java21@sha256:a5554d68374e19450c6c88448516ac95a9acedc779f318040f5c230134b4e461
 
 #Install GraalVM dependencies
 RUN curl -4 -L curl https://download.oracle.com/graalvm/21/latest/graalvm-jdk-21_linux-x64_bin.tar.gz | tar -xvz

examples/powertools-examples-parameters/sam-graalvm/Dockerfile

@@ -1,5 +1,5 @@
 #Use the official AWS SAM base image for Java 21
-FROM public.ecr.aws/sam/build-java21:latest
+FROM public.ecr.aws/sam/build-java21@sha256:a5554d68374e19450c6c88448516ac95a9acedc779f318040f5c230134b4e461
 
 #Install GraalVM dependencies
 RUN curl -4 -L curl https://download.oracle.com/graalvm/21/latest/graalvm-jdk-21_linux-x64_bin.tar.gz | tar -xvz