diff --git a/.github/actions/docker-setup/action.yml b/.github/actions/docker-setup/action.yml index b3c03c2..9569b40 100644 --- a/.github/actions/docker-setup/action.yml +++ b/.github/actions/docker-setup/action.yml @@ -3,10 +3,10 @@ runs: using: composite steps: - name: Cache Docker images. - uses: ScribeMD/docker-cache@0.5.0 + uses: ScribeMD/docker-cache@fb28c93772363301b8d0a6072ce850224b73f74e # 0.5.0 with: key: docker-${{ runner.os }}-${{ hashFiles('Dockerfile') }} - name: Set up QEMU - uses: docker/setup-qemu-action@v3 + uses: docker/setup-qemu-action@68827325e0b33c7199eb31dd4e31fbe9023e06e3 # v3 - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v3 + uses: docker/setup-buildx-action@d70bba72b1f3fd22344832f00baa16ece964efeb # v3 diff --git a/.github/workflows/gradle-check-build.yml b/.github/workflows/gradle-check-build.yml index 92fe5a6..e1f0b92 100644 --- a/.github/workflows/gradle-check-build.yml +++ b/.github/workflows/gradle-check-build.yml @@ -30,7 +30,7 @@ jobs: - name: Setup DOCKER environment uses: ./.github/actions/docker-setup - name: Build and export to docker - uses: docker/build-push-action@v5 + uses: docker/build-push-action@2cdde995de11925a030ce8070c3d77a52ffcf1c0 # v5 with: push: false context: . @@ -50,7 +50,7 @@ jobs: # curl -s http://localhost:8080/tomcat-webapp-boilerplate/app/base/health | grep "UP" - name: Test docker image endpoint # Use the retry action - uses: nick-fields/retry@v3 + uses: nick-fields/retry@7152eba30c6575329ac0576536151aca5a72780e # v3 with: max_attempts: 5 retry_on: error diff --git a/Dockerfile b/Dockerfile index e72cd60..55df04e 100644 --- a/Dockerfile +++ b/Dockerfile @@ -30,7 +30,7 @@ # # downloading gradle every time which takes ALOT and allows for caching # RUN gradle war -FROM tomcat:9-jdk21 +FROM tomcat:9-jdk21@sha256:f7c4623aa616f46473003b325246befcc5fe7120b39b07c977dd44057bbdc306 # If not using multistage: docker file expects the war file to be in the build/libs folder. # if we build it outside we can use github action gradle caching diff --git a/compose.dev.yml b/compose.dev.yml index ac6982d..010de05 100644 --- a/compose.dev.yml +++ b/compose.dev.yml @@ -27,7 +27,7 @@ services: ########## postgres postgresdev: env_file: ./.env - image: postgres:latest + image: postgres:latest@sha256:1bf73ccae25238fa555100080042f0b2f9be08eb757e200fe6afc1fc413a1b3c # restart: unless-stopped # user: postgres network_mode: host @@ -44,7 +44,7 @@ services: POSTGRES_DB: ${PSQL_DATABASE_NAME} pgadmin: container_name: pgadmin4_container - image: dpage/pgadmin4:latest + image: dpage/pgadmin4:latest@sha256:27914eafcac1ab14d1a50cc680f29c9d976c33aed0562f1b741ab9f33b341890 # restart: unless-stopped network_mode: host depends_on: @@ -59,7 +59,7 @@ services: ########## redis redisdev: env_file: ./.env - image: redis/redis-stack:latest + image: redis/redis-stack:latest@sha256:e19025010760acb0b3d07183fd71e8eac47f835878b0afa91e2355766dc94211 # user: redis # restart: unless-stopped network_mode: host diff --git a/docker/tomcat.Dockerfile b/docker/tomcat.Dockerfile index 4777448..73023a6 100644 --- a/docker/tomcat.Dockerfile +++ b/docker/tomcat.Dockerfile @@ -1,4 +1,4 @@ -FROM tomcat:9-jdk21 +FROM tomcat:9-jdk21@sha256:f7c4623aa616f46473003b325246befcc5fe7120b39b07c977dd44057bbdc306 RUN adduser tomcat