From f50180eed5e898f1e4c74964b6d4e9b81890ee48 Mon Sep 17 00:00:00 2001
From: Josh Wolf <josh@wolfs.io>
Date: Tue, 7 May 2024 09:25:30 -0400
Subject: [PATCH] Revert "Update images digests" (#18725)

---
 .github/actions/docker-run/action.yaml | 2 +-
 .github/workflows/build-beta.yaml      | 2 +-
 .github/workflows/build-old.yaml       | 6 +++---
 .github/workflows/build-world.yaml     | 2 +-
 .github/workflows/build.yaml           | 6 +++---
 .github/workflows/lint-world.yaml      | 2 +-
 Makefile                               | 4 ++--
 7 files changed, 12 insertions(+), 12 deletions(-)

diff --git a/.github/actions/docker-run/action.yaml b/.github/actions/docker-run/action.yaml
index 7409bbfc826..bea962a64ea 100644
--- a/.github/actions/docker-run/action.yaml
+++ b/.github/actions/docker-run/action.yaml
@@ -6,7 +6,7 @@ inputs:
     required: true
   image:
     description: "The image to use"
-    default: "ghcr.io/wolfi-dev/sdk:latest@sha256:98416ef9cffdea730b9bf88628b07a671683f98e9b9ff60bf45c41d33376b2d6"
+    default: "ghcr.io/wolfi-dev/sdk:latest@sha256:420bc33eb98b6c9fb2d785d7d9dfd6ed2084fa7eb8768a5114cc4d6723e5f1da"
     required: false
   workdir:
     description: "The images working directory"
diff --git a/.github/workflows/build-beta.yaml b/.github/workflows/build-beta.yaml
index bf6f23c84fe..862f3390381 100644
--- a/.github/workflows/build-beta.yaml
+++ b/.github/workflows/build-beta.yaml
@@ -152,7 +152,7 @@ jobs:
 
     container:
       # NOTE: This step only signs and uploads, so it doesn't need any privileges
-      image: ghcr.io/wolfi-dev/sdk:latest@sha256:98416ef9cffdea730b9bf88628b07a671683f98e9b9ff60bf45c41d33376b2d6
+      image: ghcr.io/wolfi-dev/sdk:latest@sha256:420bc33eb98b6c9fb2d785d7d9dfd6ed2084fa7eb8768a5114cc4d6723e5f1da
 
     steps:
       - name: Harden Runner
diff --git a/.github/workflows/build-old.yaml b/.github/workflows/build-old.yaml
index 2e51dca18c4..a800a403f61 100644
--- a/.github/workflows/build-old.yaml
+++ b/.github/workflows/build-old.yaml
@@ -26,7 +26,7 @@ jobs:
       contents: read
 
     container:
-      image: ghcr.io/wolfi-dev/sdk:latest@sha256:98416ef9cffdea730b9bf88628b07a671683f98e9b9ff60bf45c41d33376b2d6
+      image: ghcr.io/wolfi-dev/sdk:latest@sha256:420bc33eb98b6c9fb2d785d7d9dfd6ed2084fa7eb8768a5114cc4d6723e5f1da
       # TODO: Deprivilege
       options: |
         --cap-add NET_ADMIN --cap-add SYS_ADMIN --device /dev/fuse --security-opt seccomp=unconfined --security-opt apparmor:unconfined
@@ -139,7 +139,7 @@ jobs:
 
     container:
       # NOTE: This step only signs and uploads, so it doesn't need any privileges
-      image: ghcr.io/wolfi-dev/sdk:latest@sha256:98416ef9cffdea730b9bf88628b07a671683f98e9b9ff60bf45c41d33376b2d6
+      image: ghcr.io/wolfi-dev/sdk:latest@sha256:420bc33eb98b6c9fb2d785d7d9dfd6ed2084fa7eb8768a5114cc4d6723e5f1da
 
     steps:
       - name: Harden Runner
@@ -262,7 +262,7 @@ jobs:
 
     container:
       # NOTE: This step only signs and uploads, so it doesn't need any privileges
-      image: ghcr.io/wolfi-dev/sdk:latest@sha256:98416ef9cffdea730b9bf88628b07a671683f98e9b9ff60bf45c41d33376b2d6
+      image: ghcr.io/wolfi-dev/sdk:latest@sha256:420bc33eb98b6c9fb2d785d7d9dfd6ed2084fa7eb8768a5114cc4d6723e5f1da
 
     steps:
       - name: Harden Runner
diff --git a/.github/workflows/build-world.yaml b/.github/workflows/build-world.yaml
index e50b474a0b7..2282d14e7a3 100644
--- a/.github/workflows/build-world.yaml
+++ b/.github/workflows/build-world.yaml
@@ -27,7 +27,7 @@ jobs:
     # permissions:
 
     container:
-      image: ghcr.io/wolfi-dev/sdk:latest@sha256:98416ef9cffdea730b9bf88628b07a671683f98e9b9ff60bf45c41d33376b2d6
+      image: ghcr.io/wolfi-dev/sdk:latest@sha256:420bc33eb98b6c9fb2d785d7d9dfd6ed2084fa7eb8768a5114cc4d6723e5f1da
       # TODO: Deprivilege
       options: |
         --cap-add NET_ADMIN --cap-add SYS_ADMIN --device /dev/fuse --security-opt seccomp=unconfined --security-opt apparmor:unconfined
diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml
index 590b07c543c..626ac210696 100644
--- a/.github/workflows/build.yaml
+++ b/.github/workflows/build.yaml
@@ -29,7 +29,7 @@ jobs:
       contents: read
 
     container:
-      image: ghcr.io/wolfi-dev/sdk:latest@sha256:98416ef9cffdea730b9bf88628b07a671683f98e9b9ff60bf45c41d33376b2d6
+      image: ghcr.io/wolfi-dev/sdk:latest@sha256:420bc33eb98b6c9fb2d785d7d9dfd6ed2084fa7eb8768a5114cc4d6723e5f1da
       # TODO: Deprivilege
       options: |
         --cap-add NET_ADMIN --cap-add SYS_ADMIN --device /dev/fuse --security-opt seccomp=unconfined --security-opt apparmor:unconfined
@@ -170,7 +170,7 @@ jobs:
 
     container:
       # NOTE: This step only signs and uploads, so it doesn't need any privileges
-      image: ghcr.io/wolfi-dev/sdk:latest@sha256:98416ef9cffdea730b9bf88628b07a671683f98e9b9ff60bf45c41d33376b2d6
+      image: ghcr.io/wolfi-dev/sdk:latest@sha256:420bc33eb98b6c9fb2d785d7d9dfd6ed2084fa7eb8768a5114cc4d6723e5f1da
 
     steps:
       - name: Harden Runner
@@ -293,7 +293,7 @@ jobs:
 
     container:
       # NOTE: This step only signs and uploads, so it doesn't need any privileges
-      image: ghcr.io/wolfi-dev/sdk:latest@sha256:98416ef9cffdea730b9bf88628b07a671683f98e9b9ff60bf45c41d33376b2d6
+      image: ghcr.io/wolfi-dev/sdk:latest@sha256:420bc33eb98b6c9fb2d785d7d9dfd6ed2084fa7eb8768a5114cc4d6723e5f1da
 
     steps:
       - name: Harden Runner
diff --git a/.github/workflows/lint-world.yaml b/.github/workflows/lint-world.yaml
index a5d1b05c446..e42eb36a989 100644
--- a/.github/workflows/lint-world.yaml
+++ b/.github/workflows/lint-world.yaml
@@ -32,7 +32,7 @@ jobs:
       group: wolfi-os-builder-${{ matrix.arch }}
 
     container:
-      image: ghcr.io/wolfi-dev/sdk:latest@sha256:98416ef9cffdea730b9bf88628b07a671683f98e9b9ff60bf45c41d33376b2d6
+      image: ghcr.io/wolfi-dev/sdk:latest@sha256:420bc33eb98b6c9fb2d785d7d9dfd6ed2084fa7eb8768a5114cc4d6723e5f1da
 
     steps:
       - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
diff --git a/Makefile b/Makefile
index c681d4981e1..ae8099ef758 100644
--- a/Makefile
+++ b/Makefile
@@ -188,7 +188,7 @@ dev-container:
 	    -v "${PWD}:${PWD}" \
 	    -w "${PWD}" \
 	    -e SOURCE_DATE_EPOCH=0 \
-	    ghcr.io/wolfi-dev/sdk:latest@sha256:98416ef9cffdea730b9bf88628b07a671683f98e9b9ff60bf45c41d33376b2d6
+	    ghcr.io/wolfi-dev/sdk:latest@sha256:420bc33eb98b6c9fb2d785d7d9dfd6ed2084fa7eb8768a5114cc4d6723e5f1da
 
 PACKAGES_CONTAINER_FOLDER ?= /work/packages
 TMP_REPOSITORIES_DIR := $(shell mktemp -d)
@@ -253,6 +253,6 @@ dev-container-wolfi:
 		--mount type=bind,source="${PWD}/local-melange.rsa.pub",destination="/etc/apk/keys/local-melange.rsa.pub",readonly \
 		--mount type=bind,source="$(TMP_REPOSITORIES_FILE)",destination="/etc/apk/repositories",readonly \
 		-w "$(PACKAGES_CONTAINER_FOLDER)" \
-		ghcr.io/wolfi-dev/sdk:latest@sha256:98416ef9cffdea730b9bf88628b07a671683f98e9b9ff60bf45c41d33376b2d6
+		ghcr.io/wolfi-dev/sdk:latest@sha256:420bc33eb98b6c9fb2d785d7d9dfd6ed2084fa7eb8768a5114cc4d6723e5f1da
 	@rm "$(TMP_REPOSITORIES_FILE)"
 	@rmdir "$(TMP_REPOSITORIES_DIR)"