Bump ubi9/ubi-minimal from 9.7-1776645941 to 9.7-1776833838 in /build

[dependabot]

Bumps ubi9/ubi-minimal from 9.7-1776645941 to 9.7-1776833838.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Summary by CodeRabbit

• Chores
  • Updated container base images to latest patches for improved security and stability.

[coderabbitai]

Walkthrough

The pull request updates the base image version used in two Dockerfiles from tag 9.7-1776645941 to 9.7-1776833838 for the ubi9/ubi-minimal image. All other build configuration and runtime settings remain unchanged.

Changes

Cohort / File(s)	Summary
Base Image Version Updates build/Dockerfile, build/Dockerfile.olm-registry	Updates the base image tag from 9.7-1776645941 to 9.7-1776833838 for the registry.access.redhat.com/ubi9/ubi-minimal image.

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~2 minutes

🚥 Pre-merge checks | ✅ 12

✅ Passed checks (12 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title accurately and specifically describes the main change: bumping the ubi9/ubi-minimal base image version from one tag to another across the /build directory.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Stable And Deterministic Test Names	✅ Passed	Pull request only modifies Docker base image versions in Dockerfile files without any test modifications, making custom check not applicable.
Test Structure And Quality	✅ Passed	PR contains only Docker base image version updates in Dockerfile files with no Ginkgo test code to review.
Microshift Test Compatibility	✅ Passed	Dependabot dependency update only modifying Dockerfile base image versions; no new Ginkgo e2e tests added, so custom check requirement is not applicable.
Single Node Openshift (Sno) Test Compatibility	✅ Passed	PR contains only Docker base image version updates and no Ginkgo e2e test changes, making the check inapplicable.
Topology-Aware Scheduling Compatibility	✅ Passed	PR only modifies Docker image tags in Dockerfiles without adding deployment manifests, operator code, or scheduling constraints.
Ote Binary Stdout Contract	✅ Passed	PR only updates Docker base image tags in Dockerfiles with no changes to Go source code, logging, or process-level initialization affecting the OTE binary stdout contract.
Ipv6 And Disconnected Network Test Compatibility	✅ Passed	This PR only updates Docker base image versions in Dockerfile files; no Ginkgo e2e tests are added or modified.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch dependabot/docker/build/ubi9/ubi-minimal-9.7-1776833838

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[openshift-ci]

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by: dependabot[bot]
Once this PR has been reviewed and has the lgtm label, please assign clcollins for approval. For more information see the Code Review Process.

The full list of commands accepted by this bot can be found here.

Details

Needs approval from an approver in each of these files:

• OWNERS

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[openshift-ci]

Hi @dependabot[bot]. Thanks for your PR.

I'm waiting for a openshift member to verify that this patch is reasonable to test. If it is, they should reply with /ok-to-test on its own line. Until that is done, I will not automatically test new commits in this PR, but the usual testing commands by org members will still work.

Regular contributors should join the org to skip this step.

Once the patch is verified, the new status will be reflected by the ok-to-test label.

I understand the commands that are listed here.

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

[coderabbitai]

🧹 Nitpick comments (1)

build/Dockerfile (1)

11-11: Pin the base image by digest for immutable rebuilds and supply-chain control.

Both build/Dockerfile (line 11) and build/Dockerfile.olm-registry (line 7) use mutable tags without digest pins. Add @sha256:digest to each reference so rebuilds remain reproducible even if the tag is repointed.

🔧 Proposed change

-FROM registry.access.redhat.com/ubi9/ubi-minimal:9.7-1776833838
+FROM registry.access.redhat.com/ubi9/ubi-minimal:9.7-1776833838@sha256:<resolved_digest>

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@build/Dockerfile` at line 11, The FROM instruction currently uses a mutable
tag ("ubi-minimal:9.7-1776833838"); replace that tag with a pinned digest form
by appending `@sha256`:<actual-digest> to ensure immutable rebuilds and
supply-chain control—update the FROM line in the Dockerfile (the FROM
instruction) and make the parallel change in build/Dockerfile.olm-registry (the
analogous FROM instruction) to use the exact sha256 digest for the same registry
image.

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Nitpick comments:
In `@build/Dockerfile`:
- Line 11: The FROM instruction currently uses a mutable tag
("ubi-minimal:9.7-1776833838"); replace that tag with a pinned digest form by
appending `@sha256`:<actual-digest> to ensure immutable rebuilds and supply-chain
control—update the FROM line in the Dockerfile (the FROM instruction) and make
the parallel change in build/Dockerfile.olm-registry (the analogous FROM
instruction) to use the exact sha256 digest for the same registry image.

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Repository: openshift/coderabbit/.coderabbit.yaml

Review profile: CHILL

Plan: Enterprise

Run ID: 9506db35-bf68-40e5-8ed5-75cb23f98a51

📥 Commits

Reviewing files that changed from the base of the PR and between fec8505 and da5108e.

📒 Files selected for processing (2)

• build/Dockerfile
• build/Dockerfile.olm-registry

[openshift-ci]

@dependabot[bot]: all tests passed!

Full PR test history. Your PR dashboard.

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here.

[codecov-commenter]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 53.59%. Comparing base (fec8505) to head (da5108e).

Additional details and impacted files

@@           Coverage Diff           @@
##           master     #603   +/-   ##
=======================================
  Coverage   53.59%   53.59%           
=======================================
  Files         123      123           
  Lines        6165     6165           
=======================================
  Hits         3304     3304           
  Misses       2668     2668           
  Partials      193      193           

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.