From fc920272090e0b0bceb823aacd5b7a4e4f27254e Mon Sep 17 00:00:00 2001 From: Greg Lueck Date: Mon, 1 Jul 2024 11:23:08 -0400 Subject: [PATCH] Go back to referencing by SHA It appears that it is legal to reference the docker image using both its tag and its SHA, but the tag is totally ignored in that case. Since there is no error checking that the tag matches the SHA, it seems better to just use the SHA and rely on a comment to document which tag this corresponds to. --- .github/workflows/CI.yml | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/.github/workflows/CI.yml b/.github/workflows/CI.yml index d662e0d9..52dad3c9 100644 --- a/.github/workflows/CI.yml +++ b/.github/workflows/CI.yml @@ -26,9 +26,10 @@ jobs: runs-on: ubuntu-latest # Use the Khronos container with the asciidoctor toolchain preinstalled. We - # reference the image by both its SHA and its tag because they sometimes - # overwrite a tag with a different image (which has a different SHA). - container: khronosgroup/docker-images:asciidoctor-spec.20240630@sha256:bd30a83285a2ea062598f053b5bd8ebc843e16c639c0e4cd88ab4bbb4e63ead3 + # reference the image its SHA rather than its tag because they sometimes + # overwrite a tag with a different image (which has a different SHA). This + # SHA corresponds to tag "asciidoctor-spec.20240630". + container: khronosgroup/docker-images@sha256:bd30a83285a2ea062598f053b5bd8ebc843e16c639c0e4cd88ab4bbb4e63ead3 steps: # Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it