Bump ubi9/ubi-minimal from 9.7-1776833838 to 9.7-1777857961 in /build

[dependabot]

Bumps ubi9/ubi-minimal from 9.7-1776833838 to 9.7-1777857961.

Summary by CodeRabbit

Release Notes

• Chores
  • Updated container base images to the latest available versions for improved security patches and system compatibility.

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: Repository: openshift/coderabbit/.coderabbit.yaml

Review profile: CHILL

Plan: Enterprise

Run ID: 48825fbc-731e-4414-96db-d1f15dbcf52e

📥 Commits

Reviewing files that changed from the base of the PR and between ece73f6 and e7bf3f6.

📒 Files selected for processing (2)

• build/Dockerfile
• build/Dockerfile.olm-registry

✅ Files skipped from review due to trivial changes (1)

• build/Dockerfile.olm-registry

🚧 Files skipped from review as they are similar to previous changes (1)

• build/Dockerfile

---

Walkthrough

Updated the UBI9 minimal base image tag in two Dockerfiles from 9.7-1776833838 to 9.7-1777857961. No other build steps, copied files, runtime configuration, or entrypoints were changed.

Changes

Base Image Update

Layer / File(s)	Summary
Base Image Tags build/Dockerfile, build/Dockerfile.olm-registry	Final runtime stage base image updated from registry.access.redhat.com/ubi9/ubi-minimal:9.7-1776833838 to registry.access.redhat.com/ubi9/ubi-minimal:9.7-1777857961. No other instructions modified.

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~3 minutes

🚥 Pre-merge checks | ✅ 10 | ❌ 2

❌ Failed checks (2 warnings)

Check name	Status	Explanation	Resolution
Description check	⚠️ Warning	The description is minimal and does not follow the required template structure, missing key sections like bug description, testing steps, and validation procedures.	Add required template sections: explain the purpose of the bump, include testing steps, and add a reference issue number (e.g., Ref OSD-0000).
Microshift Test Compatibility	⚠️ Warning	Pull request adds unprotected Ginkgo e2e integration tests in int/int_test.go that directly use Machine/MachineSet APIs (machine.openshift.io), which are unavailable on MicroShift.	Add [apigroup:machine.openshift.io] tags to test names, [Skipped:MicroShift] labels, or exutil.IsMicroShiftCluster() checks to prevent execution on MicroShift.

✅ Passed checks (10 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title accurately and specifically describes the main change: a dependency bump for the ubi9/ubi-minimal Docker image with exact version numbers.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Stable And Deterministic Test Names	✅ Passed	PR modifies only Docker base image tags; Ginkgo test check is not applicable to Dockerfile changes.
Test Structure And Quality	✅ Passed	The custom check for test structure and quality is not applicable to this pull request, as it only modifies Docker base image tags in Dockerfile files and does not include any changes to Ginkgo test code.
Single Node Openshift (Sno) Test Compatibility	✅ Passed	This PR only updates Docker base image tags in Dockerfiles without adding new Ginkgo e2e tests, so it is not subject to the SNO Test Compatibility check.
Topology-Aware Scheduling Compatibility	✅ Passed	PR only updates Docker base image tags without introducing scheduling constraints or modifying deployment manifests, maintaining compatibility with all OpenShift topologies.
Ote Binary Stdout Contract	✅ Passed	PR contains only Docker base image tag updates with no application code changes that could violate the OTE Binary Stdout Contract.
Ipv6 And Disconnected Network Test Compatibility	✅ Passed	Pull request only updates Docker base image tags in build files. No new Ginkgo e2e tests are added or modified.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch dependabot/docker/build/ubi9/ubi-minimal-9.7-1777857961

---

_{Review rate limit: 8/10 reviews remaining, refill in 11 minutes and 59 seconds.}

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[openshift-ci]

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by: dependabot[bot]
Once this PR has been reviewed and has the lgtm label, please assign typeid for approval. For more information see the Code Review Process.

The full list of commands accepted by this bot can be found here.

Details

Needs approval from an approver in each of these files:

• OWNERS

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[openshift-ci]

Hi @dependabot[bot]. Thanks for your PR.

I'm waiting for a openshift member to verify that this patch is reasonable to test. If it is, they should reply with /ok-to-test on its own line. Until that is done, I will not automatically test new commits in this PR, but the usual testing commands by org members will still work.

Regular contributors should join the org to skip this step.

Once the patch is verified, the new status will be reflected by the ok-to-test label.

I understand the commands that are listed here.

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

[coderabbitai]

🧹 Nitpick comments (1)

build/Dockerfile.olm-registry (1)

7-7: Pin the base image by digest for reproducible and safer builds.

Red Hat recommends pinning container base images by digest in production Dockerfiles to prevent tag drift and ensure reproducibility. Replace the mutable tag ubi-minimal:9.7-1777857961 with @sha256:... digest while keeping the tag reference for readability. Note: the tag 9.7-1777857961 does not appear in current registries; verify the correct tag/digest pair from the registry before committing.

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@build/Dockerfile.olm-registry` at line 7, The FROM line in the Dockerfile
(FROM registry.access.redhat.com/ubi9/ubi-minimal:9.7-1777857961) should be
pinned by digest to prevent tag drift: look up the official registry to find the
matching sha256 digest for the ubi-minimal:9.7-1777857961 image and replace the
tag-only reference with the digest form while preserving the tag for readability
(e.g., keep the tag after the image name but add `@sha256`:<digest>); update the
FROM instruction accordingly and verify the tag/digest pair is correct before
committing.

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Nitpick comments:
In `@build/Dockerfile.olm-registry`:
- Line 7: The FROM line in the Dockerfile (FROM
registry.access.redhat.com/ubi9/ubi-minimal:9.7-1777857961) should be pinned by
digest to prevent tag drift: look up the official registry to find the matching
sha256 digest for the ubi-minimal:9.7-1777857961 image and replace the tag-only
reference with the digest form while preserving the tag for readability (e.g.,
keep the tag after the image name but add `@sha256`:<digest>); update the FROM
instruction accordingly and verify the tag/digest pair is correct before
committing.

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Repository: openshift/coderabbit/.coderabbit.yaml

Review profile: CHILL

Plan: Enterprise

Run ID: 59cafb1b-9103-4e8d-9162-e2449a636256

📥 Commits

Reviewing files that changed from the base of the PR and between 6c48650 and ece73f6.

📒 Files selected for processing (2)

• build/Dockerfile
• build/Dockerfile.olm-registry

[codecov-commenter]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 58.60%. Comparing base (6c48650) to head (ece73f6).

Additional details and impacted files

@@           Coverage Diff           @@
##             main     #238   +/-   ##
=======================================
  Coverage   58.60%   58.60%           
=======================================
  Files           5        5           
  Lines         244      244           
=======================================
  Hits          143      143           
  Misses         87       87           
  Partials       14       14           

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

[openshift-ci]

rebase

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

[openshift-ci]

@dependabot[bot]: The following tests failed, say /retest to rerun all failed tests or /retest-required to rerun all mandatory failed tests:

Test name	Commit	Details	Required	Rerun command
ci/prow/images	e7bf3f6	link	true	/test images
ci/prow/coverage	e7bf3f6	link	true	/test coverage

Full PR test history. Your PR dashboard.

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here.