search

kubernetes / registry.k8s.io

This project is the repo for registry.k8s.io, the production OCI registry service for Kubernetes' container image artifacts
https://registry.k8s.io
Apache License 2.0
397 stars 69 forks source link

pin base image #293

Closed BenTheElder closed 1 month ago

BenTheElder commented 1 month ago

We shouldn't actually need to update this often, as it only contains cacerts, tzdata, and some static completely files (an /etc/passwd entry for root ... etc)

Better to pin it and avoid surprises / compromise.

https://github.com/GoogleContainerTools/distroless/blob/main/base/README.md

dims commented 1 month ago

/approve /lgtm /hold

(please remove hold when ready)

k8s-ci-robot commented 1 month ago

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: BenTheElder, dims

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files: - ~~[OWNERS](https://github.com/kubernetes/registry.k8s.io/blob/main/OWNERS)~~ [BenTheElder,dims] Approvers can indicate their approval by writing `/approve` in a comment Approvers can cancel approval by writing `/approve cancel` in a comment
BenTheElder commented 1 month ago

/hold cancel