diff --git a/.drone.yml b/.drone.yml index f694f9f95cf..65b46af2058 100644 --- a/.drone.yml +++ b/.drone.yml @@ -17,7 +17,7 @@ services: [] steps: - commands: - echo $DRONE_RUNNER_NAME - image: alpine:3.17.1 + image: alpine:3.18.3 name: identify-runner - commands: - go build -o ./bin/build -ldflags '-extldflags -static' ./pkg/build/cmd @@ -67,7 +67,7 @@ services: [] steps: - commands: - echo $DRONE_RUNNER_NAME - image: alpine:3.17.1 + image: alpine:3.18.3 name: identify-runner - commands: - go build -o ./bin/build -ldflags '-extldflags -static' ./pkg/build/cmd @@ -117,7 +117,7 @@ services: [] steps: - commands: - echo $DRONE_RUNNER_NAME - image: alpine:3.17.1 + image: alpine:3.18.3 name: identify-runner - commands: - yarn install --immutable @@ -217,7 +217,7 @@ steps: name: clone-enterprise - commands: - echo $DRONE_RUNNER_NAME - image: alpine:3.17.1 + image: alpine:3.18.3 name: identify-runner - commands: - yarn install --immutable @@ -306,7 +306,7 @@ steps: name: clone-enterprise - commands: - echo $DRONE_RUNNER_NAME - image: alpine:3.17.1 + image: alpine:3.18.3 name: identify-runner - commands: - '# It is required that code generated from Thema/CUE be committed and in sync @@ -390,7 +390,7 @@ services: [] steps: - commands: - echo $DRONE_RUNNER_NAME - image: alpine:3.17.1 + image: alpine:3.18.3 name: identify-runner - commands: - go build -o ./bin/build -ldflags '-extldflags -static' ./pkg/build/cmd @@ -480,7 +480,7 @@ services: [] steps: - commands: - echo $DRONE_RUNNER_NAME - image: alpine:3.17.1 + image: alpine:3.18.3 name: identify-runner - commands: - mkdir -p bin @@ -605,7 +605,7 @@ steps: GF_APP_MODE: development GF_SERVER_HTTP_PORT: "3001" GF_SERVER_ROUTER_LOGGING: "1" - image: alpine:3.17.1 + image: alpine:3.18.3 name: grafana-server - commands: - ./bin/build e2e-tests --port 3001 --suite dashboards-suite @@ -726,7 +726,7 @@ steps: - commands: - docker run --privileged --rm tonistiigi/binfmt --install all - /src/grafana-build docker $(cat packages.txt | grep tar.gz | grep -v docker | - grep -v sha256 | awk '{print "--package=" $0}') --ubuntu-base=ubuntu:22.04 --alpine-base=alpine:3.17.1 + grep -v sha256 | awk '{print "--package=" $0}') --ubuntu-base=ubuntu:22.04 --alpine-base=alpine:3.18.3 --tag-format='{{ .version_base }}-{{ .buildID }}-{{ .arch }}' --ubuntu-tag-format='{{ .version_base }}-{{ .buildID }}-ubuntu-{{ .arch }}' > docker.txt - find ./dist -name '*docker*.tar.gz' -type f | xargs -n1 docker load -i @@ -865,7 +865,7 @@ steps: name: compile-build-cmd - commands: - echo $DRONE_RUNNER_NAME - image: alpine:3.17.1 + image: alpine:3.18.3 name: identify-runner - commands: - '# It is required that code generated from Thema/CUE be committed and in sync @@ -1034,7 +1034,7 @@ services: [] steps: - commands: - echo $DRONE_RUNNER_NAME - image: alpine:3.17.1 + image: alpine:3.18.3 name: identify-runner - commands: - yarn install --immutable @@ -1320,7 +1320,7 @@ services: [] steps: - commands: - echo $DRONE_RUNNER_NAME - image: alpine:3.17.1 + image: alpine:3.18.3 name: identify-runner - commands: - yarn install --immutable @@ -1392,7 +1392,7 @@ services: [] steps: - commands: - echo $DRONE_RUNNER_NAME - image: alpine:3.17.1 + image: alpine:3.18.3 name: identify-runner - commands: - yarn install --immutable @@ -1449,7 +1449,7 @@ services: [] steps: - commands: - echo $DRONE_RUNNER_NAME - image: alpine:3.17.1 + image: alpine:3.18.3 name: identify-runner - commands: - yarn install --immutable @@ -1516,7 +1516,7 @@ services: [] steps: - commands: - echo $DRONE_RUNNER_NAME - image: alpine:3.17.1 + image: alpine:3.18.3 name: identify-runner - commands: - '# It is required that code generated from Thema/CUE be committed and in sync @@ -1595,7 +1595,7 @@ services: [] steps: - commands: - echo $DRONE_RUNNER_NAME - image: alpine:3.17.1 + image: alpine:3.18.3 name: identify-runner - commands: - go build -o ./bin/build -ldflags '-extldflags -static' ./pkg/build/cmd @@ -1664,7 +1664,7 @@ services: [] steps: - commands: - echo $DRONE_RUNNER_NAME - image: alpine:3.17.1 + image: alpine:3.18.3 name: identify-runner - commands: - mkdir -p bin @@ -1745,7 +1745,7 @@ steps: GF_APP_MODE: development GF_SERVER_HTTP_PORT: "3001" GF_SERVER_ROUTER_LOGGING: "1" - image: alpine:3.17.1 + image: alpine:3.18.3 name: grafana-server - commands: - ./bin/build e2e-tests --port 3001 --suite dashboards-suite @@ -1902,7 +1902,7 @@ steps: - commands: - docker run --privileged --rm tonistiigi/binfmt --install all - /src/grafana-build docker $(cat packages.txt | grep tar.gz | grep -v docker | - grep -v sha256 | awk '{print "--package=" $0}') --ubuntu-base=ubuntu:22.04 --alpine-base=alpine:3.17.1 + grep -v sha256 | awk '{print "--package=" $0}') --ubuntu-base=ubuntu:22.04 --alpine-base=alpine:3.18.3 --tag-format='{{ .version_base }}-{{ .buildID }}-{{ .arch }}' --ubuntu-tag-format='{{ .version_base }}-{{ .buildID }}-ubuntu-{{ .arch }}' > docker.txt - find ./dist -name '*docker*.tar.gz' -type f | xargs -n1 docker load -i @@ -2103,7 +2103,7 @@ steps: name: compile-build-cmd - commands: - echo $DRONE_RUNNER_NAME - image: alpine:3.17.1 + image: alpine:3.18.3 name: identify-runner - commands: - '# It is required that code generated from Thema/CUE be committed and in sync @@ -2431,7 +2431,7 @@ services: [] steps: - commands: - echo $DRONE_RUNNER_NAME - image: alpine:3.17.1 + image: alpine:3.18.3 name: identify-runner - commands: - mkdir -p bin @@ -2806,7 +2806,7 @@ services: [] steps: - commands: - echo $DRONE_RUNNER_NAME - image: alpine:3.17.1 + image: alpine:3.18.3 name: identify-runner - commands: - yarn install --immutable @@ -2864,7 +2864,7 @@ services: [] steps: - commands: - echo $DRONE_RUNNER_NAME - image: alpine:3.17.1 + image: alpine:3.18.3 name: identify-runner - commands: - '# It is required that code generated from Thema/CUE be committed and in sync @@ -3366,7 +3366,7 @@ steps: name: grabpl - commands: - echo $DRONE_RUNNER_NAME - image: alpine:3.17.1 + image: alpine:3.18.3 name: identify-runner - commands: - '# It is required that code generated from Thema/CUE be committed and in sync @@ -3571,7 +3571,7 @@ steps: - commands: - if [ -z "${BUILD_CONTAINER_VERSION}" ]; then echo Missing BUILD_CONTAINER_VERSION; false; fi - image: alpine:3.17.1 + image: alpine:3.18.3 name: validate-version - commands: - printenv GCP_KEY > /tmp/key.json @@ -3895,7 +3895,7 @@ steps: - trivy --exit-code 0 --severity UNKNOWN,LOW,MEDIUM node:18.12.0-alpine - trivy --exit-code 0 --severity UNKNOWN,LOW,MEDIUM google/cloud-sdk:431.0.0 - trivy --exit-code 0 --severity UNKNOWN,LOW,MEDIUM grafana/grafana-ci-deploy:1.3.3 - - trivy --exit-code 0 --severity UNKNOWN,LOW,MEDIUM alpine:3.17.1 + - trivy --exit-code 0 --severity UNKNOWN,LOW,MEDIUM alpine:3.18.3 - trivy --exit-code 0 --severity UNKNOWN,LOW,MEDIUM ubuntu:22.04 - trivy --exit-code 0 --severity UNKNOWN,LOW,MEDIUM byrnedo/alpine-curl:0.1.8 - trivy --exit-code 0 --severity UNKNOWN,LOW,MEDIUM plugins/slack @@ -3928,7 +3928,7 @@ steps: - trivy --exit-code 1 --severity HIGH,CRITICAL node:18.12.0-alpine - trivy --exit-code 1 --severity HIGH,CRITICAL google/cloud-sdk:431.0.0 - trivy --exit-code 1 --severity HIGH,CRITICAL grafana/grafana-ci-deploy:1.3.3 - - trivy --exit-code 1 --severity HIGH,CRITICAL alpine:3.17.1 + - trivy --exit-code 1 --severity HIGH,CRITICAL alpine:3.18.3 - trivy --exit-code 1 --severity HIGH,CRITICAL ubuntu:22.04 - trivy --exit-code 1 --severity HIGH,CRITICAL byrnedo/alpine-curl:0.1.8 - trivy --exit-code 1 --severity HIGH,CRITICAL plugins/slack @@ -4190,6 +4190,6 @@ kind: secret name: gcr_credentials --- kind: signature -hmac: dd88ea6f6baa75d83672c61478b2e79781308249016956d863562035550b006e +hmac: 44164d7ef0702adcdbc3e53cb3fb70641b04af709a0d22ec65d7a6f87d4af4d2 ... diff --git a/Dockerfile b/Dockerfile index a018d5f4d95..d2a8abea778 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,9 +1,9 @@ # syntax=docker/dockerfile:1 -ARG BASE_IMAGE=alpine:3.17 -ARG JS_IMAGE=node:18-alpine3.17 +ARG BASE_IMAGE=alpine:3.18.3 +ARG JS_IMAGE=node:18-alpine3.18 ARG JS_PLATFORM=linux/amd64 -ARG GO_IMAGE=golang:1.20.8-alpine3.17 +ARG GO_IMAGE=golang:1.20.8-alpine3.18 ARG GO_SRC=go-builder ARG JS_SRC=js-builder diff --git a/packaging/docker/build.sh b/packaging/docker/build.sh index 10e60888c2f..29d78a11c82 100755 --- a/packaging/docker/build.sh +++ b/packaging/docker/build.sh @@ -59,7 +59,7 @@ docker_build () { esac if [ $UBUNTU_BASE = "0" ]; then libc="-musl" - base_image="${base_arch}alpine:3.17" + base_image="${base_arch}alpine:3.18.3" else libc="" base_image="${base_arch}ubuntu:20.04" diff --git a/pkg/build/docker/build.go b/pkg/build/docker/build.go index 80c50697541..64016257b2a 100644 --- a/pkg/build/docker/build.go +++ b/pkg/build/docker/build.go @@ -70,7 +70,7 @@ func BuildImage(version string, arch config.Architecture, grafanaDir string, use } libc := "-musl" - baseImage := fmt.Sprintf("%salpine:3.17", baseArch) + baseImage := fmt.Sprintf("%salpine:3.18.3", baseArch) tagSuffix := "" if useUbuntu { libc = "" diff --git a/scripts/drone/utils/images.star b/scripts/drone/utils/images.star index 14656079900..681d63f521e 100644 --- a/scripts/drone/utils/images.star +++ b/scripts/drone/utils/images.star @@ -14,7 +14,7 @@ images = { "node": "node:{}-alpine".format(nodejs_version), "cloudsdk": "google/cloud-sdk:431.0.0", "publish": "grafana/grafana-ci-deploy:1.3.3", - "alpine": "alpine:3.17.1", + "alpine": "alpine:3.18.3", "ubuntu": "ubuntu:22.04", "curl": "byrnedo/alpine-curl:0.1.8", "plugins_slack": "plugins/slack",