build: Update distroless base image

mesosphere · Oct 4, 2023 · 24e21bb · 24e21bb
1 parent e5f9715
commit 24e21bb
Show file tree

Hide file tree

Showing 3 changed files with 11 additions and 6 deletions.
diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml
@@ -43,6 +43,7 @@ repos:
     stages: [commit]
   - id: end-of-file-fixer
     stages: [commit]
+    exclude: ^charts/.+/README.md$
 - repo: https://github.com/rhysd/actionlint
   rev: v1.6.25
   hooks:
@@ -91,15 +92,15 @@ repos:
       - header.txt
       - --comment-style
       - //
-      - --use-current-year
+      - --allow-past-years
   - id: insert-license
     name: License headers - YAML and Makefiles
     stages: [commit]
     files: (^Makefile|\.(ya?ml|mk))$
     args:
       - --license-filepath
       - header.txt
-      - --use-current-year
+      - --allow-past-years
     exclude: ^charts/.+/(templates/.+\.yaml|crds/.+\.yaml)$
   - id: insert-license
     name: License headers - Markdown
@@ -111,7 +112,7 @@ repos:
       - header.txt
       - --comment-style
       - <!--|| -->
-      - --use-current-year
+      - --allow-past-years
 - repo: https://github.com/norwoodj/helm-docs
   rev: v1.11.2
   hooks:

diff --git a/Dockerfile b/Dockerfile
@@ -4,6 +4,7 @@
 # syntax=docker/dockerfile:1
 
 ARG GO_VERSION
+# hadolint ignore=DL3029
 FROM --platform=linux/${BUILDARCH} golang:${GO_VERSION} as credential_provider_builder
 
 ARG TARGETARCH
@@ -17,6 +18,7 @@ RUN --mount=type=bind,src=credential-providers,target=/go/src/credential-provide
         -o /go/bin/ecr-credential-provider \
         k8s.io/cloud-provider-aws/cmd/ecr-credential-provider
 
+# hadolint ignore=DL3059
 RUN --mount=type=bind,src=credential-providers,target=/go/src/credential-providers \
     --mount=type=cache,target=/go/pkg/mod \
     --mount=type=cache,target=/root/.cache/go-build \
@@ -35,10 +37,12 @@ RUN --mount=type=cache,target=/go/pkg/mod \
         -o /go/bin/gcr-credential-provider \
         ./cmd/auth-provider-gcp
 
-# Use distroless/static:nonroot image for a base.
+# hadolint ignore=DL3029
 FROM --platform=linux/amd64 gcr.io/distroless/static@sha256:1b4dbd7d38a0fd4bbaf5216a21a615d07b56747a96d3c650689cbb7fdc412b49 as linux-amd64
-FROM --platform=linux/arm64 gcr.io/distroless/static@sha256:05810557ec4b4bf01f4df548c06cc915bb29d81cb339495fe1ad2e668434bf8e as linux-arm64
+# hadolint ignore=DL3029
+FROM --platform=linux/arm64 gcr.io/distroless/static@sha256:dcf9c9cafaa9c328eff2ceff5f6057588336b48c9b91ddc0913102b33bbce723 as linux-arm64
 
+# hadolint ignore=DL3006,DL3029
 FROM --platform=linux/${TARGETARCH} linux-${TARGETARCH}
 
 COPY --from=credential_provider_builder \

diff --git a/charts/dynamic-credential-provider/README.md b/charts/dynamic-credential-provider/README.md
@@ -37,4 +37,4 @@ A Helm chart for Kubernetes dynamic credential provider
 | tolerations[0].operator | string | `"Exists"` |  |
 | tolerations[1].effect | string | `"NoSchedule"` |  |
 | tolerations[1].key | string | `"node-role.kubernetes.io/master"` |  |
-| tolerations[1].operator | string | `"Exists"` |  |
+| tolerations[1].operator | string | `"Exists"` |  |