Skip to content

fix(ci): bump golang base image to 1.26.5-alpine (fixes trivy CRITICAL/HIGH findings)#86

Merged
Patel230 merged 3 commits into
mainfrom
fix/golang-base
Jul 8, 2026
Merged

fix(ci): bump golang base image to 1.26.5-alpine (fixes trivy CRITICAL/HIGH findings)#86
Patel230 merged 3 commits into
mainfrom
fix/golang-base

Conversation

@Patel230

@Patel230 Patel230 commented Jul 8, 2026

Copy link
Copy Markdown
Contributor

golang:1.26.4-alpine has known CRITICAL/HIGH CVEs that cause the Docker build-and-push CI to fail (Trivy scan exit code 1).

Bumps to golang:1.26.5-alpine which includes security patches.

Fixes the build-and-push CI failure.

Patel230 added 3 commits July 8, 2026 18:08
When a PR branch name is passed as ref to checkout-eyrie, and that
ref doesn't exist in the external repo, the fallback logic should
run even when git fetch fails (it previously exited before reaching
the fallback due to pipefail + `&&` chain).

Add `2>/dev/null` and a secondary fetch-from-main fallback.
@Patel230 Patel230 merged commit d16ed84 into main Jul 8, 2026
18 checks passed
@Patel230 Patel230 deleted the fix/golang-base branch July 8, 2026 16:59
Patel230 added a commit that referenced this pull request Jul 11, 2026
…L/HIGH findings) (#86)

* fix(ci): bump golang base image to 1.26.5-alpine to fix trivy CRITICAL/HIGH findings

* fix(ci): handle missing branch ref in checkout-eyrie fallback

When a PR branch name is passed as ref to checkout-eyrie, and that
ref doesn't exist in the external repo, the fallback logic should
run even when git fetch fails (it previously exited before reaching
the fallback due to pipefail + `&&` chain).

Add `2>/dev/null` and a secondary fetch-from-main fallback.

* ci: fix Trivy scan crash (exit-code back to 0)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant