Bump ubi9/ubi-minimal from 9.7-1773939694 to 9.7-1776645941 in /build

[dependabot]

Bumps ubi9/ubi-minimal from 9.7-1773939694 to 9.7-1776645941.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Summary by CodeRabbit

Release Notes

• Chores
  • Updated Docker base image references to the latest available patch versions across build configurations for improved security and platform compatibility.

[coderabbitai]

Walkthrough

Two Dockerfile base image tags are updated from 9.7-1773939694 to 9.7-1776645941 for the registry.access.redhat.com/ubi9/ubi-minimal image. All other build configurations and runtime settings remain unchanged.

Changes

Cohort / File(s)	Summary
Base Image Update build/Dockerfile, build/Dockerfile.olm-registry	UBI9 minimal base image tag updated to a newer version; no changes to build steps, compilation, or runtime configuration.

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~2 minutes

🚥 Pre-merge checks | ✅ 9 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Description check	⚠️ Warning	The description is missing critical sections from the template including 'What is being added?', testing checklist, and manual testing steps.	Add sections describing what is being added (base image update rationale), complete the testing checklist, and provide manual testing steps for validation.

✅ Passed checks (9 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title clearly and specifically describes the main change: bumping the ubi9/ubi-minimal base image to a newer version.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Stable And Deterministic Test Names	✅ Passed	All Ginkgo test names in added test files use static, deterministic strings without dynamic content like timestamps, UUIDs, or node names.
Test Structure And Quality	✅ Passed	This PR contains only Dockerfile base image tag updates with no Ginkgo test code modifications, making the custom check not applicable.
Microshift Test Compatibility	✅ Passed	The MicroShift Test Compatibility check is not applicable to this PR as it only updates Docker base image tags in Dockerfile files without modifying any test files.
Single Node Openshift (Sno) Test Compatibility	✅ Passed	This PR only updates Docker base image tags in build configuration files, not adding new Ginkgo e2e tests.
Topology-Aware Scheduling Compatibility	✅ Passed	This pull request only updates Docker base image versions and does not introduce or modify any deployment manifests, operator code, controllers, or scheduling constraints.
Ote Binary Stdout Contract	✅ Passed	PR modifies only Docker base image tags, introducing zero source code changes and no new stdout contract violations.
Ipv6 And Disconnected Network Test Compatibility	✅ Passed	This PR is a dependency bump that only modifies Docker base image tags in build/Dockerfile and build/Dockerfile.olm-registry. No new Ginkgo e2e tests or any Go test files have been added or modified in this PR.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch dependabot/docker/build/ubi9/ubi-minimal-9.7-1776645941

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[openshift-ci]

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by: dependabot[bot]
Once this PR has been reviewed and has the lgtm label, please assign bergmannf for approval. For more information see the Code Review Process.

The full list of commands accepted by this bot can be found here.

Details

Needs approval from an approver in each of these files:

• OWNERS

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[openshift-ci]

Hi @dependabot[bot]. Thanks for your PR.

I'm waiting for a openshift member to verify that this patch is reasonable to test. If it is, they should reply with /ok-to-test on its own line. Until that is done, I will not automatically test new commits in this PR, but the usual testing commands by org members will still work.

Regular contributors should join the org to skip this step.

Once the patch is verified, the new status will be reflected by the ok-to-test label.

I understand the commands that are listed here.

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

[coderabbitai]

🧹 Nitpick comments (1)

build/Dockerfile (1)

21-21: Consider pinning base images by digest for reproducibility and supply-chain security.

All base image references in the Dockerfiles use tags only (including line 21). Use @sha256:<digest> to pin the digest and make builds deterministic, reducing the risk of mutable tag drift.

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@build/Dockerfile` at line 21, The Dockerfile's FROM instruction uses a
mutable tag ("registry.access.redhat.com/ubi9/ubi-minimal:9.7-1776645941");
replace it with the corresponding digest-pinned reference using
"@sha256:<digest>" to make the base image immutable and reproducible. Locate the
existing FROM line (text
"registry.access.redhat.com/ubi9/ubi-minimal:9.7-1776645941") and update it to
the exact image@sha256:digest obtained from the registry (e.g., via registry API
or `docker pull` + `docker inspect`) so builds reference the fixed OCI manifest
digest. Ensure you update any other Dockerfiles with similar tag-only
references.

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Nitpick comments:
In `@build/Dockerfile`:
- Line 21: The Dockerfile's FROM instruction uses a mutable tag
("registry.access.redhat.com/ubi9/ubi-minimal:9.7-1776645941"); replace it with
the corresponding digest-pinned reference using "@sha256:<digest>" to make the
base image immutable and reproducible. Locate the existing FROM line (text
"registry.access.redhat.com/ubi9/ubi-minimal:9.7-1776645941") and update it to
the exact image@sha256:digest obtained from the registry (e.g., via registry API
or `docker pull` + `docker inspect`) so builds reference the fixed OCI manifest
digest. Ensure you update any other Dockerfiles with similar tag-only
references.

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Repository: openshift/coderabbit/.coderabbit.yaml

Review profile: CHILL

Plan: Pro Plus

Run ID: 528b900e-4f5e-4cf1-96c4-a1d65f96bbf0

📥 Commits

Reviewing files that changed from the base of the PR and between 6c48650 and c06b220.

📒 Files selected for processing (2)

• build/Dockerfile
• build/Dockerfile.olm-registry

[openshift-ci]

@dependabot[bot]: all tests passed!

Full PR test history. Your PR dashboard.

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here.

[codecov-commenter]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 58.60%. Comparing base (6c48650) to head (c06b220).

Additional details and impacted files

@@           Coverage Diff           @@
##             main     #233   +/-   ##
=======================================
  Coverage   58.60%   58.60%           
=======================================
  Files           5        5           
  Lines         244      244           
=======================================
  Hits          143      143           
  Misses         87       87           
  Partials       14       14           

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.