fix: Implement dependency digest tracking for nightly builds
- Updated Docker Compose files to use digest-pinned images for CI contexts. - Enhanced Dockerfile to pin Go tool installations and verify external downloads with SHA256 checksums. - Added Renovate configuration for tracking Go tool versions and digest updates. - Introduced a new design document outlining the architecture and data flow for dependency tracking. - Created tasks and requirements documentation to ensure compliance with the new digest pinning policy. - Updated security documentation to reflect the new digest pinning policy and exceptions.
This commit is contained in:
GitHub Actions
2
.github/workflows/docker-build.yml
vendored
2
.github/workflows/docker-build.yml
vendored
@@ -509,7 +509,7 @@ jobs:
|
||||
docker run -d \
|
||||
--name whoami \
|
||||
--network charon-test-net \
|
||||
traefik/whoami
|
||||
traefik/whoami:latest@sha256:200689790a0a0ea48ca45992e0450bc26ccab5307375b41c84dfc4f2475937ab
|
||||
|
||||
- name: Run Charon Container
|
||||
timeout-minutes: 3
|
||||
|
||||
Reference in New Issue
Block a user