Skip to content

Commit c9ed0dd

Browse files
sreyasreya
authored
chore: pin dependencies in Dockerfiles (#19129)
1 parent 0d7cc5c commit c9ed0dd

File tree

4 files changed

+15
-6
lines changed

4 files changed

+15
-6
lines changed

.devcontainer/filebrowser/install.sh

100644100755
Lines changed: 9 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -8,7 +8,15 @@ printf "%sInstalling filebrowser\n\n" "${BOLD}"
88

99
# Check if filebrowser is installed.
1010
if ! command -v filebrowser &>/dev/null; then
11-
curl -fsSL https://raw.githubusercontent.com/filebrowser/get/master/get.sh | bash
11+
VERSION="v2.42.1"
12+
EXPECTED_HASH="7d83c0f077df10a8ec9bfd9bf6e745da5d172c3c768a322b0e50583a6bc1d3cc"
13+
14+
curl -fsSL "https://github.com/filebrowser/filebrowser/releases/download/${VERSION}/linux-amd64-filebrowser.tar.gz" -o /tmp/filebrowser.tar.gz
15+
echo "${EXPECTED_HASH} /tmp/filebrowser.tar.gz" | sha256sum -c
16+
tar -xzf /tmp/filebrowser.tar.gz -C /tmp
17+
sudo mv /tmp/filebrowser /usr/local/bin/
18+
sudo chmod +x /usr/local/bin/filebrowser
19+
rm /tmp/filebrowser.tar.gz
1220
fi
1321

1422
# Create entrypoint.

.devcontainer/scripts/post_create.sh

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,7 +1,7 @@
11
#!/bin/sh
22

33
install_devcontainer_cli() {
4-
npm install -g @devcontainers/cli
4+
npm install -g @devcontainers/cli@0.80.0 --integrity=sha512-w2EaxgjyeVGyzfA/KUEZBhyXqu/5PyWNXcnrXsZOBrt3aN2zyGiHrXoG54TF6K0b5DSCF01Rt5fnIyrCeFzFKw==
55
}
66

77
install_ssh_config() {

dogfood/coder/Dockerfile

Lines changed: 4 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -29,6 +29,7 @@ RUN apt-get update && \
2929
mkdir --parents /usr/local/go && \
3030
tar --extract --gzip --directory=/usr/local/go --file=/usr/local/go.tar.gz --strip-components=1 && \
3131
mkdir --parents "$GOPATH" && \
32+
go env -w GOSUMDB=sum.golang.org && \
3233
# moq for Go tests.
3334
go install github.com/matryer/moq@v0.2.3 && \
3435
# swag for Swagger doc generation
@@ -252,9 +253,9 @@ RUN source $NVM_DIR/nvm.sh && \
252253
nvm install $NODE_VERSION && \
253254
nvm use $NODE_VERSION
254255
ENV PATH=$NVM_DIR/versions/node/v$NODE_VERSION/bin:$PATH
255-
# Allow patch updates for npm and pnpm
256-
RUN npm install -g npm@10.8.1 --integrity=sha512-Dp1C6SvSMYQI7YHq/y2l94uvI+59Eqbu1EpuKQHQ8p16txXRuRit5gH3Lnaagk2aXDIjg/Iru9pd05bnneKgdw==
257-
RUN npm install -g pnpm@9.15.1 --integrity=sha512-GstWXmGT7769p3JwKVBGkVDPErzHZCYudYfnHRncmKQj3/lTblfqRMSb33kP9pToPCe+X6oj1n4MAztYO+S/zw==
256+
RUN corepack enable && \
257+
corepack prepare npm@10.8.1 --activate && \
258+
corepack prepare pnpm@9.15.1 --activate
258259

259260
RUN pnpx playwright@1.47.0 install --with-deps chromium
260261

scripts/Dockerfile.base

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,7 +1,7 @@
11
# This is the base image used for Coder images. It's a multi-arch image that is
22
# built in depot.dev for all supported architectures. Since it's built on real
33
# hardware and not cross-compiled, it can have "RUN" commands.
4-
FROM alpine:3.21.3
4+
FROM alpine:3.21.3@sha256:a8560b36e8b8210634f77d9f7f9efd7ffa463e380b75e2e74aff4511df3ef88c
55

66
# We use a single RUN command to reduce the number of layers in the image.
77
# NOTE: Keep the Terraform version in sync with minTerraformVersion and

0 commit comments

Comments
 (0)