From 986b68a7c15a3b6120fdff46f012dbceb045d154 Mon Sep 17 00:00:00 2001 From: Ammar Bandukwala Date: Thu, 11 May 2023 19:15:43 +0000 Subject: [PATCH 1/2] chore: update various dependencies This will help us pass the security scanners. --- dogfood/Dockerfile | 2 +- provisioner/terraform/install.go | 4 ++-- scripts/Dockerfile.base | 4 ++-- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/dogfood/Dockerfile b/dogfood/Dockerfile index 64b9aa07cf443..a7e16e44aef69 100644 --- a/dogfood/Dockerfile +++ b/dogfood/Dockerfile @@ -8,7 +8,7 @@ FROM ubuntu:jammy AS go RUN apt-get update && apt-get install --yes curl gcc # Install Go manually, so that we can control the version -ARG GO_VERSION=1.20 +ARG GO_VERSION=1.20.3 RUN mkdir --parents /usr/local/go # Boring Go is needed to build FIPS-compliant binaries. diff --git a/provisioner/terraform/install.go b/provisioner/terraform/install.go index 778c80e67a944..49059e7517293 100644 --- a/provisioner/terraform/install.go +++ b/provisioner/terraform/install.go @@ -19,10 +19,10 @@ var ( // TerraformVersion is the version of Terraform used internally // when Terraform is not available on the system. // NOTE: Keep this in sync with the version in scripts/Dockerfile.base. - TerraformVersion = version.Must(version.NewVersion("1.3.4")) + TerraformVersion = version.Must(version.NewVersion("1.4.6")) minTerraformVersion = version.Must(version.NewVersion("1.1.0")) - maxTerraformVersion = version.Must(version.NewVersion("1.3.9")) + maxTerraformVersion = version.Must(version.NewVersion("1.4.9")) terraformMinorVersionMismatch = xerrors.New("Terraform binary minor version mismatch.") ) diff --git a/scripts/Dockerfile.base b/scripts/Dockerfile.base index 6dd3daea4019d..b89019e9c9211 100644 --- a/scripts/Dockerfile.base +++ b/scripts/Dockerfile.base @@ -1,7 +1,7 @@ # This is the base image used for Coder images. It's a multi-arch image that is # built in depot.dev for all supported architectures. Since it's built on real # hardware and not cross-compiled, it can have "RUN" commands. -FROM alpine:latest +FROM alpine:3.18 # We use a single RUN command to reduce the number of layers in the image. # NOTE: Keep the Terraform version in sync with minTerraformVersion and @@ -12,7 +12,7 @@ RUN apk add --no-cache \ bash \ git \ openssh-client \ - terraform=1.3.4-r4 && \ + terraform=1.4.6-r1 && \ addgroup \ -g 1000 \ coder && \ From ba977f545374ea95065d1573895789293565ccb6 Mon Sep 17 00:00:00 2001 From: Ammar Bandukwala Date: Sun, 14 May 2023 20:26:41 +0000 Subject: [PATCH 2/2] fixup! chore: update various dependencies --- dogfood/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/dogfood/Dockerfile b/dogfood/Dockerfile index a7e16e44aef69..64b9aa07cf443 100644 --- a/dogfood/Dockerfile +++ b/dogfood/Dockerfile @@ -8,7 +8,7 @@ FROM ubuntu:jammy AS go RUN apt-get update && apt-get install --yes curl gcc # Install Go manually, so that we can control the version -ARG GO_VERSION=1.20.3 +ARG GO_VERSION=1.20 RUN mkdir --parents /usr/local/go # Boring Go is needed to build FIPS-compliant binaries.