Commit Graph

8 Commits

Author SHA1 Message Date
abhay084 b3a3c978e5 fix: [CI-23751]: bump kaniko-executor base to 1.25.16 to fix symlink regression
kaniko-executor 1.25.15 (Chainguard fork) shipped an overly-strict
securejoin path check (upstream PR #326) that rejects valid `..`-relative
symlinks resolving to an in-image absolute path, e.g. the Java trust-store
link /etc/pki/java/cacerts, failing the build during tar extraction with
"symlink target ... resolves outside destination".

Upstream fixed this in chainguard-forks/kaniko v1.25.16 (PR #440, "store
symlink targets verbatim during tar extraction"). Bump FROM base image and
KANIKO_VERSION 1.25.15 -> 1.25.16 across all registry variants
(docker/ecr/gcr/acr/gar, amd64 + arm64).

Depends on harnesscommunity/kaniko-executor:1.25.16-linux-{amd64,arm64}
being published to Docker Hub before this can be built/released.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
2026-07-14 13:33:02 -07:00
vinayakharness2026 bddbd90032 fix: remediate vulnerabilities in plugins/kaniko - upgrade kaniko-executor base to 1.25.15 and x/crypto to v0.43.0 (#169) 2026-06-18 22:05:06 +05:30
OP (oppenheimer) a8c364c9e7 update kaniko-executor base image to 1.25.0 from chaingaurds maintained fork (#150) 2025-07-03 19:14:28 +05:30
rahkumar56 982c141391 feat: [CI-13961]: Upgraded gcr.io/kaniko-project/executor version to v1.23.2. (#125) 2024-09-09 11:23:40 +05:30
Aishwarya Lad f41d7cb836 upgrade kaniko version for chmod on ADD and COPY (#121) 2024-07-10 19:44:09 +05:30
Abhay f224543240 fix: [CI-11358]: fix kaniko executor Vulnerabilities (#114) 2024-03-20 12:57:59 +05:30
Soumyajit Das 467287429a fix: [CI-10908]: added kaniko 1.19.2 suport for dockerignore (#92) 2024-01-12 16:17:51 +05:30
Eoin McAfee 5df1d55e7f Split out gcr and gar (#88)
* seperate out gcr and gar
2023-11-23 09:26:55 +00:00