Skip to content

Commit 99d4356

Browse files
renovate[bot]renovate[bot]
authored
chore(deps): pin dependencies
1 parent 922bdd1 commit 99d4356

File tree

3 files changed

+16
-16
lines changed

3 files changed

+16
-16
lines changed

.github/workflows/ci.yml

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -13,7 +13,7 @@ jobs:
1313

1414
services:
1515
db:
16-
image: postgres:18.1
16+
image: postgres:18.1@sha256:1090bc3a8ccfb0b55f78a494d76f8d603434f7e4553543d6e807bc7bd6bbd17f
1717
# Health checks to wait until postgres has started
1818
options: >-
1919
--health-cmd pg_isready
@@ -28,7 +28,7 @@ jobs:
2828
- 5432:5432
2929

3030
redis:
31-
image: redis:8.4.0
31+
image: redis:8.4.0@sha256:c22af04bb576503bf16b3e34a1fd2fd82de0f765afd866d2e380145e0af30d78
3232
ports:
3333
- 6379:6379
3434

Dockerfile

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -1,5 +1,5 @@
11
# Build stage
2-
FROM python:3.13.7-slim as builder
2+
FROM python:3.13.7-slim@sha256:5f55cdf0c5d9dc1a415637a5ccc4a9e18663ad203673173b8cda8f8dcacef689 as builder
33
LABEL maintainer="ODL DevOps <mitx-devops@mit.edu>"
44

55
# Set environment variables for build
@@ -29,7 +29,7 @@ ENV PYTHONUNBUFFERED=1 \
2929
ENV PATH="/opt/venv/bin:$PATH"
3030

3131
# Install uv
32-
COPY --from=ghcr.io/astral-sh/uv:latest /uv /uvx /usr/local/bin/
32+
COPY --from=ghcr.io/astral-sh/uv:latest@sha256:240fb85ab0f263ef12f492d8476aa3a2e4e1e333f7d67fbdd923d00a506a516a /uv /uvx /usr/local/bin/
3333

3434
COPY pyproject.toml uv.lock /src/
3535
RUN mkdir -p /opt/venv && chown -R mitodl:mitodl /src /opt/venv
@@ -38,14 +38,14 @@ USER mitodl
3838
WORKDIR /src
3939
RUN uv sync --frozen --no-install-project
4040

41-
FROM node:24-slim AS node_builder
41+
FROM node:24-slim@sha256:b506e7321f176aae77317f99d67a24b272c1f09f1d10f1761f2773447d8da26c AS node_builder
4242
COPY . /src
4343
WORKDIR /src
4444
ENV NODE_ENV=production
4545
RUN yarn install --immutable && yarn build
4646

4747
# Runtime stage
48-
FROM python:3.13.7-slim as runtime
48+
FROM python:3.13.7-slim@sha256:5f55cdf0c5d9dc1a415637a5ccc4a9e18663ad203673173b8cda8f8dcacef689 as runtime
4949

5050
# Set environment variables for production
5151
ENV PYTHONUNBUFFERED=1 \

docker-compose.yml

Lines changed: 10 additions & 10 deletions
Original file line numberDiff line numberDiff line change
@@ -28,7 +28,7 @@ networks:
2828
- subnet: "10.1.0.0/24"
2929
services:
3030
db:
31-
image: postgres:18.1
31+
image: postgres:18.1@sha256:1090bc3a8ccfb0b55f78a494d76f8d603434f7e4553543d6e807bc7bd6bbd17f
3232
ports:
3333
- "5431:5432"
3434
environment:
@@ -39,15 +39,15 @@ services:
3939
ipv4_address: 10.1.0.103
4040

4141
redis:
42-
image: redis:8.4.0
42+
image: redis:8.4.0@sha256:c22af04bb576503bf16b3e34a1fd2fd82de0f765afd866d2e380145e0af30d78
4343
ports:
4444
- "6379"
4545
networks:
4646
- default-network
4747
- concourse-network
4848

4949
nginx:
50-
image: nginx:1.29.7
50+
image: nginx:1.29.7@sha256:1854da86e82d5dfb49a8f3d78b099adcc7e36608b207146ed95cd47937938a40
5151
environment:
5252
AWS_PREVIEW_BUCKET_NAME: $AWS_PREVIEW_BUCKET_NAME
5353
AWS_PUBLISH_BUCKET_NAME: $AWS_PUBLISH_BUCKET_NAME
@@ -102,7 +102,7 @@ services:
102102
- django_media:/var/media
103103

104104
watch:
105-
image: node:24.14.1
105+
image: node:24.14.1@sha256:80fc934952c8f1b2b4d39907af7211f8a9fff1a4c2cf673fb49099292c251cec
106106
working_dir: /src
107107
command: >
108108
/bin/bash -c './webpack_dev_server.sh --install'
@@ -146,7 +146,7 @@ services:
146146
- django_media:/var/media
147147

148148
concourse-db:
149-
image: postgres:latest
149+
image: postgres:latest@sha256:52e6ffd11fddd081ae63880b635b2a61c14008c17fc98cdc7ce5472265516dd0
150150
environment:
151151
POSTGRES_DB: concourse
152152
POSTGRES_USER: postgres
@@ -161,7 +161,7 @@ services:
161161
- default-network
162162

163163
concourse-keys:
164-
image: gotechnies/alpine-ssh
164+
image: gotechnies/alpine-ssh@sha256:c356c4aec99f7ef1e64e180260152e4607f45fccc93c9e72088746f506d63a16
165165
entrypoint: /scripts/keys.sh
166166
healthcheck:
167167
test: "exit 0"
@@ -170,7 +170,7 @@ services:
170170
- concourse-keys:/concourse-keys
171171

172172
concourse:
173-
image: concourse/concourse:7.14
173+
image: concourse/concourse:7.14@sha256:ff7ee75c781c2e073296b915f0612f4bda8d9267ded13678b6d6217b1f7b4369
174174
command: web
175175
privileged: true
176176
depends_on:
@@ -219,7 +219,7 @@ services:
219219
ipv4_address: 10.1.0.101
220220

221221
concourse-worker:
222-
image: concourse/concourse:7.14
222+
image: concourse/concourse:7.14@sha256:ff7ee75c781c2e073296b915f0612f4bda8d9267ded13678b6d6217b1f7b4369
223223
command: worker
224224
privileged: true
225225
depends_on:
@@ -250,7 +250,7 @@ services:
250250
ipv4_address: 10.1.0.104
251251

252252
s3:
253-
image: minio/minio:latest
253+
image: minio/minio:latest@sha256:14cea493d9a34af32f524e538b8346cf79f3321eff8e708c1e2960462bd8936e
254254
ports:
255255
- "9000:9000"
256256
- "9001:9001"
@@ -271,7 +271,7 @@ services:
271271
concourse-network:
272272
ipv4_address: 10.1.0.100
273273
create-buckets:
274-
image: minio/mc
274+
image: minio/mc@sha256:a7fe349ef4bd8521fb8497f55c6042871b2ae640607cf99d9bede5e9bdf11727
275275
depends_on:
276276
s3:
277277
condition: service_healthy

0 commit comments

Comments
 (0)