Merge pull request #456 from securesign/konflux/mintmaker/main/docker-deps

kahboom · web-flow · commit 6e233abfbfa7 · 2025-10-30T13:03:52.000Z
Update Docker Images
diff --git a/Dockerfile.clients.rh b/Dockerfile.clients.rh
@@ -7,15 +7,15 @@ FROM quay.io/securesign/fetch-tsa-certs@sha256:fa5f2b8bd5bca47bf2138c7baf6e257e8
 
 # Provides the Trusted Artifact Signer CLI binaries, rekor-cli and ec
 FROM quay.io/securesign/rekor-cli@sha256:b5201f2116dfebbcbcd9331af1c0e455a9c6792aa650ba69b3b790f6b7ca1e35 as rekor
-FROM registry.redhat.io/rhtas/ec-rhel9:0.7@sha256:78158d37f70af60043e6ad87cddc982cc79da401b3c2e58de9323b95407c9f66 as ec
+FROM registry.redhat.io/rhtas/ec-rhel9:0.7@sha256:30f7a2eeed605f23ba68bc41f29363acc5305ff4cf9302c37ee7ac7408cfa38d as ec
 
 # Provides the Trusted Artifact Signer CLI binaries trillian-createtree and trillian-updatetree
 FROM quay.io/securesign/trillian-createtree@sha256:bcfc0d077428a5587c8f0cbb4e066684db1bceab06476ffcb5017d153d117269 as trillian-createtree
 FROM quay.io/securesign/trillian-updatetree@sha256:92a30a755a572a0f60e3fd0db249232e256becacf1e603c54e1c206dd9a12a84 as trillian-updatetree
 
 FROM quay.io/securesign/cli-tuftool@sha256:64da7af9f6df3cf2829118d0f8526614b4674356ff18d26a006e7c7b5fd2938a as tuf-tool
 
-FROM registry.redhat.io/ubi9/httpd-24@sha256:f246cd462bd549cdb5f1ccf93e150db024962bc364048f0b8c06a9e0c2dc6a38
+FROM registry.redhat.io/ubi9/httpd-24@sha256:86a1a8b0d12c31c007dd411f7076a0cab2cc952ab8a0de74666fa09900c9fb86
 ENV APP_ROOT=/opt/app-root
 WORKDIR $APP_ROOT/src/
 
diff --git a/Dockerfile.cosign.rh b/Dockerfile.cosign.rh
@@ -1,6 +1,6 @@
 # Build stage
 
-FROM registry.redhat.io/ubi9/go-toolset:9.6@sha256:6a73e8f2d2433b4b71127970be5afc14c19144a03daef0031364734a6b03672a AS build-env
+FROM registry.redhat.io/ubi9/go-toolset:9.6@sha256:7b1828de52c3bac600a71b81996bf748776a456181a45e2b329b39702cf6486f AS build-env
 
 ENV GOEXPERIMENT=strictfipsruntime
 ENV CGO_ENABLED=1
@@ -26,7 +26,7 @@ RUN git config --global --add safe.directory /cosign && \
     git update-index --no-assume-unchanged Dockerfile.cosign.rh
 
 # Install Cosign
-FROM registry.access.redhat.com/ubi9/ubi-minimal@sha256:7c5495d5fad59aaee12abc3cbbd2b283818ee1e814b00dbc7f25bf2d14fa4f0c
+FROM registry.access.redhat.com/ubi9/ubi-minimal@sha256:34880b64c07f28f64d95737f82f891516de9a3b43583f39970f7bf8e4cfa48b7
 
 LABEL description="Cosign is a container signing tool that leverages simple, secure, and auditable signatures based on simple primitives and best practices."
 LABEL io.k8s.description="Cosign is a container signing tool that leverages simple, secure, and auditable signatures based on simple primitives and best practices."
