Skip to content

🤖 [RHTAS-build-bot] [main] Update Component images#1480

Open
JasonPowr wants to merge 1 commit intomainfrom
RHTAS-build-bot-update-component-images-main
Open

🤖 [RHTAS-build-bot] [main] Update Component images#1480
JasonPowr wants to merge 1 commit intomainfrom
RHTAS-build-bot-update-component-images-main

Conversation

@JasonPowr
Copy link
Member

@JasonPowr JasonPowr commented Dec 2, 2025
edited
Loading

This PR contains the following changes

Image Old SHA New SHA
registry.redhat.io/rhtas/rekor-search-ui-rhel9 05e1a6f e5e2458
registry.redhat.io/rhtas/fulcio-rhel9 85f602f e2d4ff7
registry.redhat.io/rhtas/certificate-transparency-rhel9 651a5a4 c016b27
registry.redhat.io/rhtas/ctlog-monitor-rhel9 89df84c 9cfd7dc
registry.redhat.io/rhtas/createtree-rhel9 487f9df 4ba9df1
registry.redhat.io/rhtas/rekor-monitor-rhel9 b7f9f8b 88a2346
registry.redhat.io/rhtas/client-server-rhel9 c81aaa8 9d2c018
registry.redhat.io/rhtas/timestamp-authority-rhel9 be62342 76f5819
registry.redhat.io/rhtas/rekor-server-rhel9 af2a790 56e24aa
registry.redhat.io/rhtas/trillian-logserver-rhel9 9ecb8cb ecd55ae
registry.redhat.io/rhtas/trillian-database-rhel9 1295d96 245d744
registry.redhat.io/rhtas/rekor-backfill-redis-rhel9 1e98cb1 3e9d873
registry.redhat.io/rhtas/trillian-logsigner-rhel9 358d52e f48f523
registry.redhat.io/rhtas/tuffer-rhel9 6d8039d fc7cb0f
registry.redhat.io/rhtas/trillian-redis-rhel9 e191b4c e9b9576

@sourcery-ai
Copy link

sourcery-ai bot commented Dec 2, 2025
edited
Loading

Reviewer's guide (collapsed on small PRs)

Reviewer's Guide

Updates pinned SHAs for multiple RHTAS component container images in config/default/images.env to newer builds.

File-Level Changes

Change Details Files
Bump pinned SHAs for all RHTAS component container images to newer versions.
  • Update rekor-search-ui-rhel9 image SHA
  • Update fulcio-rhel9, certificate-transparency-rhel9, createtree-rhel9, and rekor-monitor-rhel9 image SHAs
  • Update client-server-rhel9, timestamp-authority-rhel9, and rekor-server-rhel9 image SHAs
  • Update trillian-logserver-rhel9, trillian-database-rhel9, rekor-backfill-redis-rhel9, trillian-logsigner-rhel9, tuffer-rhel9, and trillian-redis-rhel9 image SHAs
 config/default/images.env
Tips and commands

Interacting with Sourcery

  • Trigger a new review: Comment @sourcery-ai review on the pull request.
  • Continue discussions: Reply directly to Sourcery's review comments.
  • Generate a GitHub issue from a review comment: Ask Sourcery to create an
    issue from a review comment by replying to it. You can also reply to a
    review comment with @sourcery-ai issue to create an issue from it.
  • Generate a pull request title: Write @sourcery-ai anywhere in the pull
    request title to generate a title at any time. You can also comment
    @sourcery-ai title on the pull request to (re-)generate the title at any time.
  • Generate a pull request summary: Write @sourcery-ai summary anywhere in
    the pull request body to generate a PR summary at any time exactly where you
    want it. You can also comment @sourcery-ai summary on the pull request to
    (re-)generate the summary at any time.
  • Generate reviewer's guide: Comment @sourcery-ai guide on the pull
    request to (re-)generate the reviewer's guide at any time.
  • Resolve all Sourcery comments: Comment @sourcery-ai resolve on the
    pull request to resolve all Sourcery comments. Useful if you've already
    addressed all the comments and don't want to see them anymore.
  • Dismiss all Sourcery reviews: Comment @sourcery-ai dismiss on the pull
    request to dismiss all existing Sourcery reviews. Especially useful if you
    want to start fresh with a new review - don't forget to comment
    @sourcery-ai review to trigger a new review!

Customizing Your Experience

Access your dashboard to:

  • Enable or disable review features such as the Sourcery-generated pull request
    summary, the reviewer's guide, and others.
  • Change the review language.
  • Add, remove or edit custom review instructions.
  • Adjust other review settings.

Getting Help

@qodo-code-review
Copy link

qodo-code-review bot commented Dec 2, 2025
edited
Loading

PR Compliance Guide 🔍

Below is a summary of compliance checks for this PR:

Security Compliance
🟢
No security concerns identified No security vulnerabilities detected by AI analysis. Human verification advised for critical code.
Ticket Compliance
🎫 No ticket provided
  • Create ticket/issue
Codebase Duplication Compliance
Codebase context is not defined

Follow the guide to enable codebase context checks.

Custom Compliance
🟢
Generic: Meaningful Naming and Self-Documenting Code

Objective: Ensure all identifiers clearly express their purpose and intent, making code
self-documenting

Status: Passed

Learn more about managing compliance generic rules or creating your own custom rules

Generic: Secure Logging Practices

Objective: To ensure logs are useful for debugging and auditing without exposing sensitive
information like PII, PHI, or cardholder data.

Status: Passed

Learn more about managing compliance generic rules or creating your own custom rules

Generic: Comprehensive Audit Trails

Objective: To create a detailed and reliable record of critical system actions for security analysis
and compliance.

Status:
Out of scope: The PR only updates image digests in an environment file and introduces no executable
logic where audit logging could be added or evaluated.

Referred Code 
RELATED_IMAGE_TRILLIAN_LOG_SIGNER=registry.redhat.io/rhtas/trillian-logsigner-rhel9@sha256:39287545824681b1d979e5e9d57535f103577bff8038c77eccc661bed21e0faf
RELATED_IMAGE_TRILLIAN_LOG_SERVER=registry.redhat.io/rhtas/trillian-logserver-rhel9@sha256:bca903c564f56a2c385f459ddec906a9293f9496db0750ba2787dda387325e07
RELATED_IMAGE_TRILLIAN_DB=registry.redhat.io/rhtas/trillian-database-rhel9@sha256:50a3d30f382ce38fb8d3d74bfb85e1dd141645bc6915b2bcae85b59f5183cc99
RELATED_IMAGE_TRILLIAN_NETCAT=registry.redhat.io/openshift4/ose-tools-rhel9@sha256:47eec19e875c3db11a31ccf4c199ef52cf0d2df3b7c424868f55f9e0d0dd43df
RELATED_IMAGE_CREATETREE=registry.redhat.io/rhtas/createtree-rhel9@sha256:caebefdc6670bdf70cf1a1a6a52f163c0dafbc47d5788aace6e3b7f6f52c00bf
RELATED_IMAGE_FULCIO_SERVER=registry.redhat.io/rhtas/fulcio-rhel9@sha256:4c2d2c718f03ad66e20292ae65d1172bcdd958ba218078015a53792a004208fc
RELATED_IMAGE_REKOR_REDIS=registry.redhat.io/rhtas/trillian-redis-rhel9@sha256:f1cd3b78495883aeba610437888525bba124028716d659512fa9b47f4fe206bd
RELATED_IMAGE_REKOR_SERVER=registry.redhat.io/rhtas/rekor-server-rhel9@sha256:c5682d81d9060411a146cc2d33c2e1dc8c3b188ff3261cd332973f9e6ddda549
RELATED_IMAGE_REKOR_SEARCH_UI=registry.redhat.io/rhtas/rekor-search-ui-rhel9@sha256:28f089f0d228b72031ae0fcf5183d83c39e2dc595428a9979606061de4ea083c
RELATED_IMAGE_BACKFILL_REDIS=registry.redhat.io/rhtas/rekor-backfill-redis-rhel9@sha256:fbf91d2746ddfe1489a562bee7d7d5d02ba7487858baac0d3c5c5437c98ce714
RELATED_IMAGE_TUF=registry.redhat.io/rhtas/tuffer-rhel9@sha256:3a83f55e9510ce20137659794fb5ed9573c609b2359e2a9481263cbc441a39d6
RELATED_IMAGE_CTLOG=registry.redhat.io/rhtas/certificate-transparency-rhel9@sha256:ad9e4ff138fef9d8fb3b6ae135309b7d0dc9aa82828661f2218f1acdf47e5beb
RELATED_IMAGE_HTTP_SERVER=registry.redhat.io/ubi9/httpd-24@sha256:8536169e5537fe6c330eba814248abdcf39cdd8f7e7336034d74e6fda9544050
RELATED_IMAGE_TIMESTAMP_AUTHORITY=registry.redhat.io/rhtas/timestamp-authority-rhel9@sha256:7b3eb9108c50321278ccad2032b3fb365911df83084cca953dd068cdd51f7874
RELATED_IMAGE_CLIENT_SERVER=registry.redhat.io/rhtas/client-server-rhel9@sha256:713ec6d4ac386613674a85c7e387a0e60be56e9a327470ee3ca5715764519a9d
RELATED_IMAGE_REKOR_MONITOR=registry.redhat.io/rhtas/rekor-monitor-rhel9@sha256:5457a1c41ab88b0684324aff2a0081aff0b3c5a5a7d145bcab6183f30697db39

Learn more about managing compliance generic rules or creating your own custom rules

Generic: Robust Error Handling and Edge Case Management

Objective: Ensure comprehensive error handling that provides meaningful context and graceful
degradation

Status:
No error paths: Only environment variable assignments were changed, adding no code paths where errors or
edge cases could be handled.

Referred Code 
RELATED_IMAGE_TRILLIAN_LOG_SIGNER=registry.redhat.io/rhtas/trillian-logsigner-rhel9@sha256:39287545824681b1d979e5e9d57535f103577bff8038c77eccc661bed21e0faf
RELATED_IMAGE_TRILLIAN_LOG_SERVER=registry.redhat.io/rhtas/trillian-logserver-rhel9@sha256:bca903c564f56a2c385f459ddec906a9293f9496db0750ba2787dda387325e07
RELATED_IMAGE_TRILLIAN_DB=registry.redhat.io/rhtas/trillian-database-rhel9@sha256:50a3d30f382ce38fb8d3d74bfb85e1dd141645bc6915b2bcae85b59f5183cc99
RELATED_IMAGE_TRILLIAN_NETCAT=registry.redhat.io/openshift4/ose-tools-rhel9@sha256:47eec19e875c3db11a31ccf4c199ef52cf0d2df3b7c424868f55f9e0d0dd43df
RELATED_IMAGE_CREATETREE=registry.redhat.io/rhtas/createtree-rhel9@sha256:caebefdc6670bdf70cf1a1a6a52f163c0dafbc47d5788aace6e3b7f6f52c00bf
RELATED_IMAGE_FULCIO_SERVER=registry.redhat.io/rhtas/fulcio-rhel9@sha256:4c2d2c718f03ad66e20292ae65d1172bcdd958ba218078015a53792a004208fc
RELATED_IMAGE_REKOR_REDIS=registry.redhat.io/rhtas/trillian-redis-rhel9@sha256:f1cd3b78495883aeba610437888525bba124028716d659512fa9b47f4fe206bd
RELATED_IMAGE_REKOR_SERVER=registry.redhat.io/rhtas/rekor-server-rhel9@sha256:c5682d81d9060411a146cc2d33c2e1dc8c3b188ff3261cd332973f9e6ddda549
RELATED_IMAGE_REKOR_SEARCH_UI=registry.redhat.io/rhtas/rekor-search-ui-rhel9@sha256:28f089f0d228b72031ae0fcf5183d83c39e2dc595428a9979606061de4ea083c
RELATED_IMAGE_BACKFILL_REDIS=registry.redhat.io/rhtas/rekor-backfill-redis-rhel9@sha256:fbf91d2746ddfe1489a562bee7d7d5d02ba7487858baac0d3c5c5437c98ce714
RELATED_IMAGE_TUF=registry.redhat.io/rhtas/tuffer-rhel9@sha256:3a83f55e9510ce20137659794fb5ed9573c609b2359e2a9481263cbc441a39d6
RELATED_IMAGE_CTLOG=registry.redhat.io/rhtas/certificate-transparency-rhel9@sha256:ad9e4ff138fef9d8fb3b6ae135309b7d0dc9aa82828661f2218f1acdf47e5beb
RELATED_IMAGE_HTTP_SERVER=registry.redhat.io/ubi9/httpd-24@sha256:8536169e5537fe6c330eba814248abdcf39cdd8f7e7336034d74e6fda9544050
RELATED_IMAGE_TIMESTAMP_AUTHORITY=registry.redhat.io/rhtas/timestamp-authority-rhel9@sha256:7b3eb9108c50321278ccad2032b3fb365911df83084cca953dd068cdd51f7874
RELATED_IMAGE_CLIENT_SERVER=registry.redhat.io/rhtas/client-server-rhel9@sha256:713ec6d4ac386613674a85c7e387a0e60be56e9a327470ee3ca5715764519a9d
RELATED_IMAGE_REKOR_MONITOR=registry.redhat.io/rhtas/rekor-monitor-rhel9@sha256:5457a1c41ab88b0684324aff2a0081aff0b3c5a5a7d145bcab6183f30697db39

Learn more about managing compliance generic rules or creating your own custom rules

Generic: Secure Error Handling

Objective: To prevent the leakage of sensitive system information through error messages while
providing sufficient detail for internal debugging.

Status:
No user errors: The diff contains only image digest updates in configuration and does not affect
user-facing error handling.

Referred Code 
RELATED_IMAGE_TRILLIAN_LOG_SIGNER=registry.redhat.io/rhtas/trillian-logsigner-rhel9@sha256:39287545824681b1d979e5e9d57535f103577bff8038c77eccc661bed21e0faf
RELATED_IMAGE_TRILLIAN_LOG_SERVER=registry.redhat.io/rhtas/trillian-logserver-rhel9@sha256:bca903c564f56a2c385f459ddec906a9293f9496db0750ba2787dda387325e07
RELATED_IMAGE_TRILLIAN_DB=registry.redhat.io/rhtas/trillian-database-rhel9@sha256:50a3d30f382ce38fb8d3d74bfb85e1dd141645bc6915b2bcae85b59f5183cc99
RELATED_IMAGE_TRILLIAN_NETCAT=registry.redhat.io/openshift4/ose-tools-rhel9@sha256:47eec19e875c3db11a31ccf4c199ef52cf0d2df3b7c424868f55f9e0d0dd43df
RELATED_IMAGE_CREATETREE=registry.redhat.io/rhtas/createtree-rhel9@sha256:caebefdc6670bdf70cf1a1a6a52f163c0dafbc47d5788aace6e3b7f6f52c00bf
RELATED_IMAGE_FULCIO_SERVER=registry.redhat.io/rhtas/fulcio-rhel9@sha256:4c2d2c718f03ad66e20292ae65d1172bcdd958ba218078015a53792a004208fc
RELATED_IMAGE_REKOR_REDIS=registry.redhat.io/rhtas/trillian-redis-rhel9@sha256:f1cd3b78495883aeba610437888525bba124028716d659512fa9b47f4fe206bd
RELATED_IMAGE_REKOR_SERVER=registry.redhat.io/rhtas/rekor-server-rhel9@sha256:c5682d81d9060411a146cc2d33c2e1dc8c3b188ff3261cd332973f9e6ddda549
RELATED_IMAGE_REKOR_SEARCH_UI=registry.redhat.io/rhtas/rekor-search-ui-rhel9@sha256:28f089f0d228b72031ae0fcf5183d83c39e2dc595428a9979606061de4ea083c
RELATED_IMAGE_BACKFILL_REDIS=registry.redhat.io/rhtas/rekor-backfill-redis-rhel9@sha256:fbf91d2746ddfe1489a562bee7d7d5d02ba7487858baac0d3c5c5437c98ce714
RELATED_IMAGE_TUF=registry.redhat.io/rhtas/tuffer-rhel9@sha256:3a83f55e9510ce20137659794fb5ed9573c609b2359e2a9481263cbc441a39d6
RELATED_IMAGE_CTLOG=registry.redhat.io/rhtas/certificate-transparency-rhel9@sha256:ad9e4ff138fef9d8fb3b6ae135309b7d0dc9aa82828661f2218f1acdf47e5beb
RELATED_IMAGE_HTTP_SERVER=registry.redhat.io/ubi9/httpd-24@sha256:8536169e5537fe6c330eba814248abdcf39cdd8f7e7336034d74e6fda9544050
RELATED_IMAGE_TIMESTAMP_AUTHORITY=registry.redhat.io/rhtas/timestamp-authority-rhel9@sha256:7b3eb9108c50321278ccad2032b3fb365911df83084cca953dd068cdd51f7874
RELATED_IMAGE_CLIENT_SERVER=registry.redhat.io/rhtas/client-server-rhel9@sha256:713ec6d4ac386613674a85c7e387a0e60be56e9a327470ee3ca5715764519a9d
RELATED_IMAGE_REKOR_MONITOR=registry.redhat.io/rhtas/rekor-monitor-rhel9@sha256:5457a1c41ab88b0684324aff2a0081aff0b3c5a5a7d145bcab6183f30697db39

Learn more about managing compliance generic rules or creating your own custom rules

Generic: Security-First Input Validation and Data Handling

Objective: Ensure all data inputs are validated, sanitized, and handled securely to prevent
vulnerabilities

Status:
Config only: The change updates container image references and does not introduce input handling or
data processing that could be validated here.

Referred Code 
RELATED_IMAGE_TRILLIAN_LOG_SIGNER=registry.redhat.io/rhtas/trillian-logsigner-rhel9@sha256:39287545824681b1d979e5e9d57535f103577bff8038c77eccc661bed21e0faf
RELATED_IMAGE_TRILLIAN_LOG_SERVER=registry.redhat.io/rhtas/trillian-logserver-rhel9@sha256:bca903c564f56a2c385f459ddec906a9293f9496db0750ba2787dda387325e07
RELATED_IMAGE_TRILLIAN_DB=registry.redhat.io/rhtas/trillian-database-rhel9@sha256:50a3d30f382ce38fb8d3d74bfb85e1dd141645bc6915b2bcae85b59f5183cc99
RELATED_IMAGE_TRILLIAN_NETCAT=registry.redhat.io/openshift4/ose-tools-rhel9@sha256:47eec19e875c3db11a31ccf4c199ef52cf0d2df3b7c424868f55f9e0d0dd43df
RELATED_IMAGE_CREATETREE=registry.redhat.io/rhtas/createtree-rhel9@sha256:caebefdc6670bdf70cf1a1a6a52f163c0dafbc47d5788aace6e3b7f6f52c00bf
RELATED_IMAGE_FULCIO_SERVER=registry.redhat.io/rhtas/fulcio-rhel9@sha256:4c2d2c718f03ad66e20292ae65d1172bcdd958ba218078015a53792a004208fc
RELATED_IMAGE_REKOR_REDIS=registry.redhat.io/rhtas/trillian-redis-rhel9@sha256:f1cd3b78495883aeba610437888525bba124028716d659512fa9b47f4fe206bd
RELATED_IMAGE_REKOR_SERVER=registry.redhat.io/rhtas/rekor-server-rhel9@sha256:c5682d81d9060411a146cc2d33c2e1dc8c3b188ff3261cd332973f9e6ddda549
RELATED_IMAGE_REKOR_SEARCH_UI=registry.redhat.io/rhtas/rekor-search-ui-rhel9@sha256:28f089f0d228b72031ae0fcf5183d83c39e2dc595428a9979606061de4ea083c
RELATED_IMAGE_BACKFILL_REDIS=registry.redhat.io/rhtas/rekor-backfill-redis-rhel9@sha256:fbf91d2746ddfe1489a562bee7d7d5d02ba7487858baac0d3c5c5437c98ce714
RELATED_IMAGE_TUF=registry.redhat.io/rhtas/tuffer-rhel9@sha256:3a83f55e9510ce20137659794fb5ed9573c609b2359e2a9481263cbc441a39d6
RELATED_IMAGE_CTLOG=registry.redhat.io/rhtas/certificate-transparency-rhel9@sha256:ad9e4ff138fef9d8fb3b6ae135309b7d0dc9aa82828661f2218f1acdf47e5beb
RELATED_IMAGE_HTTP_SERVER=registry.redhat.io/ubi9/httpd-24@sha256:8536169e5537fe6c330eba814248abdcf39cdd8f7e7336034d74e6fda9544050
RELATED_IMAGE_TIMESTAMP_AUTHORITY=registry.redhat.io/rhtas/timestamp-authority-rhel9@sha256:7b3eb9108c50321278ccad2032b3fb365911df83084cca953dd068cdd51f7874
RELATED_IMAGE_CLIENT_SERVER=registry.redhat.io/rhtas/client-server-rhel9@sha256:713ec6d4ac386613674a85c7e387a0e60be56e9a327470ee3ca5715764519a9d
RELATED_IMAGE_REKOR_MONITOR=registry.redhat.io/rhtas/rekor-monitor-rhel9@sha256:5457a1c41ab88b0684324aff2a0081aff0b3c5a5a7d145bcab6183f30697db39

Learn more about managing compliance generic rules or creating your own custom rules

  • Update
Compliance status legend 🟢 - Fully Compliant
🟡 - Partial Compliant
🔴 - Not Compliant
⚪ - Requires Further Human Verification
🏷️ - Compliance label

sourcery-ai[bot]
sourcery-ai bot reviewed Dec 2, 2025
View reviewed changes
Copy link

@sourcery-ai sourcery-ai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hey there - I've reviewed your changes and they look great!

Sourcery is free for open source - if you like our reviews please consider sharing them ✨
Help me be more useful! Please click 👍 or 👎 on each comment and I'll use the feedback to improve your reviews.

@qodo-code-review
Copy link

qodo-code-review bot commented Dec 2, 2025
edited
Loading

PR Code Suggestions ✨

No code suggestions found for the PR.

@JasonPowr JasonPowr force-pushed the RHTAS-build-bot-update-component-images-main branch 7 times, most recently from 686b6b8 to 64667af Compare December 9, 2025 08:27
@JasonPowr JasonPowr force-pushed the RHTAS-build-bot-update-component-images-main branch 3 times, most recently from 891253a to 2257db2 Compare December 16, 2025 21:21
@JasonPowr JasonPowr force-pushed the RHTAS-build-bot-update-component-images-main branch 6 times, most recently from 187ba12 to 41861f1 Compare December 19, 2025 11:51
@JasonPowr JasonPowr force-pushed the RHTAS-build-bot-update-component-images-main branch 9 times, most recently from 38ee269 to f005c92 Compare January 5, 2026 12:28
@JasonPowr JasonPowr force-pushed the RHTAS-build-bot-update-component-images-main branch 28 times, most recently from c342dd6 to 423e587 Compare February 6, 2026 14:35
@JasonPowr JasonPowr force-pushed the RHTAS-build-bot-update-component-images-main branch from 423e587 to c47f7bc Compare February 6, 2026 14:36
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@sourcery-ai sourcery-ai[bot] sourcery-ai[bot] left review comments

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

Review effort 1/5

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@JasonPowr