Skip to content
Open
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion Dockerfile.dist
Original file line number Diff line number Diff line change
Expand Up @@ -16,7 +16,7 @@

## Build

FROM registry.access.redhat.com/ubi9/go-toolset:1.26.3@sha256:17c888d75753f128f6cbdc5587932c3abd2632ca8e0931aa27b9a60c7a75ac62 AS build
FROM registry.access.redhat.com/ubi9/go-toolset:1.26.4-1782980183@sha256:b2bc0c6c92c56dce575ed1b2dec1ec9f8b345a80ef5e74d9bfd530b6b354feeb AS build

Check failure on line 19 in Dockerfile.dist

View workflow job for this annotation

GitHub Actions / Test

Containerfile version incompatible, saw 1.26.4, running with version: 1.26.3

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

[high] protected-path

This PR modifies Dockerfile.dist, which falls under the Dockerfile protected path. The PR has no linked issue providing authorization for the change. While the PR is an automated Renovate/MintMaker dependency update (Docker tag bump from 1.26.3 to 1.26.4-1782980183 with updated digest), and renovate.json is configured in the repository, human approval is always required for protected-path changes.

Suggested fix: A maintainer should review and approve this Dockerfile change. No code changes are needed β€” this is a governance gate, not a code defect.

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

[high] protected-path

This file is under a protected path (Dockerfile). The PR modifies a governance/infrastructure file but has no linked issue justifying the change. While this is an automated Renovate dependency update (go-toolset 1.26.3 β†’ 1.26.4-1782980183 with pinned digest), protected-path changes always require human approval regardless of the change's nature.

Suggested fix: A human maintainer must review and approve this protected-path change. Consider linking a tracking issue or policy that authorizes automated Dockerfile base image updates to streamline future Renovate PRs.


ARG TARGETOS
ARG TARGETARCH
Expand Down
Loading