mesosphere · jimmidyson · Jan 9, 2023 · Jan 9, 2023
diff --git a/.envrc b/.envrc
@@ -1,4 +1,5 @@
 use asdf
+
 PATH_add .local/bin
 PATH_add skopeo/static
 

diff --git a/.github/workflows/checks-macos.yml b/.github/workflows/checks-macos.yml
@@ -31,6 +31,8 @@ jobs:
 
       - name: Install tools via asdf
         uses: asdf-vm/actions/install@v1
+        with:
+          asdf_branch: v0.11.0
 
       - name: Build
         run: make SKIP_UPX=false build-snapshot

diff --git a/.github/workflows/checks.yml b/.github/workflows/checks.yml
@@ -27,6 +27,8 @@ jobs:
 
       - name: Install asdf
         uses: asdf-vm/actions/setup@v1
+        with:
+          asdf_branch: v0.11.0
 
       - name: Run unit tests
         run: make test
@@ -45,6 +47,8 @@ jobs:
 
       - name: Install asdf
         uses: asdf-vm/actions/setup@v1
+        with:
+          asdf_branch: v0.11.0
 
       - name: Set up QEMU
         uses: docker/setup-qemu-action@v2

diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml
@@ -32,6 +32,8 @@ jobs:
 
     - name: Install tools via asdf
       uses: asdf-vm/actions/install@v1
+      with:
+        asdf_branch: v0.11.0
 
     - name: Build
       run: make build-snapshot

diff --git a/.github/workflows/release-main.yaml b/.github/workflows/release-main.yaml
@@ -28,6 +28,8 @@ jobs:
       - if: ${{ steps.release-please.outputs.release_created }}
         name: Install tools via asdf
         uses: asdf-vm/actions/install@v1
+        with:
+          asdf_branch: v0.11.0
 
       - if: ${{ steps.release-please.outputs.release_created }}
         name: Login to Docker Hub

diff --git a/.go-tools b/.go-tools
@@ -1,3 +1,4 @@
 github.com/oligot/[email protected]
 gotest.tools/[email protected]
 github.com/segmentio/[email protected]
+github.com/google/go-containerregistry/cmd/[email protected]
diff --git a/.tool-versions b/.tool-versions
@@ -7,3 +7,4 @@ helm 3.10.3
 pre-commit 2.21.0
 shfmt 3.6.0
 upx 4.0.1
+gojq 0.12.11
diff --git a/Dockerfile b/Dockerfile
@@ -4,8 +4,8 @@
 # syntax=docker/dockerfile:1
 
 # Use distroless/static:nonroot image for a base.
-FROM --platform=linux/amd64 gcr.io/distroless/static@sha256:6e5f8857479b83d032a14a17f8e0731634c6b8b5e225f53a039085ec1f7698c6 as linux-amd64
-FROM --platform=linux/arm64 gcr.io/distroless/static@sha256:d79a4342bd72644f30436ae22e55ab68a7c3a125e91d76936bcb2be66aa2af57 as linux-arm64
+FROM --platform=linux/amd64 gcr.io/distroless/static@sha256:39e460e64a929bb6d08a7b899eb76c78c17a487b84f7cfe5191415473423471f as linux-amd64
+FROM --platform=linux/arm64 gcr.io/distroless/static@sha256:b5e90ec08ae3e1e72b28a92caf75e9e9f6eae54624e34486155349843d420126 as linux-arm64
 
 FROM --platform=linux/${TARGETARCH} linux-${TARGETARCH}
 

diff --git a/Makefile b/Makefile
@@ -4,7 +4,3 @@
 REPO_ROOT := $(CURDIR)
 
 include make/all.mk
-
-ASDF_VERSION=v0.9.0
-
-CI_DOCKER_BUILD_ARGS=ASDF_VERSION=$(ASDF_VERSION)
diff --git a/make/docker.mk b/make/docker.mk
@@ -10,10 +10,10 @@ endif
 endif
 
 .PHONY: update-distroless-base-image
-update-distroless-base-image: install-tool.gcloud install-tool.gojq skopeo.build; $(info $(M) updating distroless base image)
+update-distroless-base-image: install-tool.gcloud install-tool.gojq install-tool.go.crane; $(info $(M) updating distroless base image)
 	LATEST_DISTROLESS_NONROOT_DIGEST="$$(gcloud container images list-tags gcr.io/distroless/static --format=json | gojq -r '.[] | select(.tags | index("nonroot")) | .digest')"; \
-	DISTROLESS_AMD64_DIGEST="$$(skopeo inspect --raw docker://gcr.io/distroless/static@$${LATEST_DISTROLESS_NONROOT_DIGEST} | gojq -r '.manifests[] | select(.platform.os == "linux" and .platform.architecture == "amd64").digest')"; \
-	DISTROLESS_ARM64_DIGEST="$$(skopeo inspect --raw docker://gcr.io/distroless/static@$${LATEST_DISTROLESS_NONROOT_DIGEST} | gojq -r '.manifests[] | select(.platform.os == "linux" and .platform.architecture == "arm64").digest')"; \
-	sed -i -e "s|^\(FROM --platform=linux/amd64 \).\+$$|\1gcr.io/distroless/static@$${DISTROLESS_AMD64_DIGEST} as linux-amd64|" \
-	       -e "s|^\(FROM --platform=linux/arm64 \).\+$$|\1gcr.io/distroless/static@$${DISTROLESS_ARM64_DIGEST} as linux-arm64|" \
+	DISTROLESS_AMD64_DIGEST="$$(crane manifest gcr.io/distroless/static@$${LATEST_DISTROLESS_NONROOT_DIGEST} | gojq -r '.manifests[] | select(.platform.os == "linux" and .platform.architecture == "amd64").digest')"; \
+	DISTROLESS_ARM64_DIGEST="$$(crane manifest gcr.io/distroless/static@$${LATEST_DISTROLESS_NONROOT_DIGEST} | gojq -r '.manifests[] | select(.platform.os == "linux" and .platform.architecture == "arm64").digest')"; \
+	sed -i -e "s|^\(FROM --platform=linux/amd64 gcr.io/distroless/static@\).\+$$|\1$${DISTROLESS_AMD64_DIGEST} as linux-amd64|" \
+	       -e "s|^\(FROM --platform=linux/arm64 gcr.io/distroless/static@\).\+$$|\1$${DISTROLESS_ARM64_DIGEST} as linux-arm64|" \
 	       Dockerfile