From 76090b59d9c450b1ba75d973a4fbf7d0eb82c529 Mon Sep 17 00:00:00 2001
From: Zhenya Tikhonov <zhenya.tikhonov@codefresh.io>
Date: Mon, 1 Dec 2025 16:49:33 +0400
Subject: [PATCH 01/17] ci: bump version

---
 service.yaml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/service.yaml b/service.yaml
index 80cb064..eff1344 100644
--- a/service.yaml
+++ b/service.yaml
@@ -1 +1 @@
-version: 3.0.5
+version: 3.0.6

From ce5c6fda68834e9b9a1a0aa15f1b4c22bfeab6ac Mon Sep 17 00:00:00 2001
From: Zhenya Tikhonov <zhenya.tikhonov@codefresh.io>
Date: Mon, 1 Dec 2025 21:45:58 +0400
Subject: [PATCH 02/17] build: upgrade dependencies

---
 Dockerfile | 13 ++++++-------
 1 file changed, 6 insertions(+), 7 deletions(-)

diff --git a/Dockerfile b/Dockerfile
index daf8edb..49839ed 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,29 +1,28 @@
-ARG DOCKER_VERSION=28.5.1
+ARG DOCKER_VERSION=28.5.2
+
 
 # dind-cleaner
 FROM golang:1.25-alpine3.22 AS cleaner
-
 COPY cleaner/dind-cleaner/* /go/src/github.com/codefresh-io/dind-cleaner/
 WORKDIR /go/src/github.com/codefresh-io/dind-cleaner/
-
 RUN go mod tidy
-
 COPY cleaner/dind-cleaner/cmd ./cmd/
-
 RUN CGO_ENABLED=0 go build -o /usr/local/bin/dind-cleaner ./cmd && \
   chmod +x /usr/local/bin/dind-cleaner && \
   rm -rf /go/*
 
+
 # bbolt
 FROM golang:1.25-alpine3.22 AS bbolt
 RUN go install go.etcd.io/bbolt/cmd/bbolt@latest
 
+
 # node-exporter
-FROM quay.io/prometheus/node-exporter:v1.9.1 AS node-exporter
+FROM quay.io/prometheus/node-exporter:v1.10.2 AS node-exporter
+
 
 # Main
 FROM docker:${DOCKER_VERSION}-dind
-
 RUN echo 'http://dl-cdn.alpinelinux.org/alpine/v3.22/main' >> /etc/apk/repositories \
   && apk upgrade \
   # Add fuse-overlayfs for comaptibility with rootless. Volumes created with rootless might use fuse-overlay formatted volumes. If those volumes are later used by dind that runs with root it'll require fuse-overlay to be able to read the volume

From f6d3993d3c215b5a7fb67ff52900639dc88d451a Mon Sep 17 00:00:00 2001
From: Zhenya Tikhonov <zhenya.tikhonov@codefresh.io>
Date: Mon, 1 Dec 2025 22:09:12 +0400
Subject: [PATCH 03/17] build: remove redundant instructions

---
 Dockerfile | 2 --
 1 file changed, 2 deletions(-)

diff --git a/Dockerfile b/Dockerfile
index 49839ed..995514f 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -29,8 +29,6 @@ RUN echo 'http://dl-cdn.alpinelinux.org/alpine/v3.22/main' >> /etc/apk/repositor
   && apk add bash fuse-overlayfs jq --no-cache \
   # Needed only for `update-alternatives` below
   && apk add dpkg --no-cache \
-  # A security fix till it's fixed in base dind image (CR-31906)
-  && apk add git --no-cache --upgrade \
   && rm -rf /var/cache/apk/*
 
 # Backward compatibility with kernels that do not support `iptables-nft`. Check #CR-23033 for details.

From b6217d8a1caf9aff86a6ec4a69817d4a14962ded Mon Sep 17 00:00:00 2001
From: Zhenya Tikhonov <zhenya.tikhonov@codefresh.io>
Date: Mon, 1 Dec 2025 22:23:10 +0400
Subject: [PATCH 04/17] build: optimize Dockerfile

---
 Dockerfile | 27 +++++++++++++++++----------
 1 file changed, 17 insertions(+), 10 deletions(-)

diff --git a/Dockerfile b/Dockerfile
index 995514f..2b82be9 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -21,23 +21,30 @@ RUN go install go.etcd.io/bbolt/cmd/bbolt@latest
 FROM quay.io/prometheus/node-exporter:v1.10.2 AS node-exporter
 
 
-# Main
-FROM docker:${DOCKER_VERSION}-dind
+# Install dependencies
+FROM docker:${DOCKER_VERSION}-dind AS dependencies
 RUN echo 'http://dl-cdn.alpinelinux.org/alpine/v3.22/main' >> /etc/apk/repositories \
-  && apk upgrade \
-  # Add fuse-overlayfs for comaptibility with rootless. Volumes created with rootless might use fuse-overlay formatted volumes. If those volumes are later used by dind that runs with root it'll require fuse-overlay to be able to read the volume
-  && apk add bash fuse-overlayfs jq --no-cache \
-  # Needed only for `update-alternatives` below
-  && apk add dpkg --no-cache \
-  && rm -rf /var/cache/apk/*
+  && apk upgrade && apk add --no-cache \
+    bash \
+    # Add fuse-overlayfs for compatibility with rootless. Volumes created with rootless might use fuse-overlay formatted volumes. If those volumes are later used by dind that runs with root it'll require fuse-overlay to be able to read the volume
+    fuse-overlayfs \
+    jq \
+    # Needed only for `update-alternatives` below
+    dpkg
+
 
+# Main
+FROM docker:${DOCKER_VERSION}-dind AS prod
+COPY --from=dependencies /bin/bash /bin/bash
+COPY --from=dependencies /usr/bin/fuse-overlayfs /usr/bin/fuse-overlayfs
+COPY --from=dependencies /usr/bin/jq /usr/bin/jq
+COPY --from=dependencies /usr/bin/update-alternatives /usr/bin/update-alternatives
 # Backward compatibility with kernels that do not support `iptables-nft`. Check #CR-23033 for details.
 RUN update-alternatives --install $(which iptables) iptables $(which iptables-legacy) 10 \
   && update-alternatives --install $(which ip6tables) ip6tables $(which ip6tables-legacy) 10
-
 COPY --from=node-exporter /bin/node_exporter /bin/
-COPY --from=cleaner /usr/local/bin/dind-cleaner /bin/
 COPY --from=bbolt /go/bin/bbolt /bin/
+COPY --from=cleaner /usr/local/bin/dind-cleaner /bin/
 
 WORKDIR /dind
 ADD . /dind

From a5b785018925dab683e38db252411837413b2199 Mon Sep 17 00:00:00 2001
From: Zhenya Tikhonov <zhenya.tikhonov@codefresh.io>
Date: Tue, 9 Dec 2025 01:33:56 +0400
Subject: [PATCH 05/17] build: bump Docker version

---
 Dockerfile | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/Dockerfile b/Dockerfile
index 2b82be9..21877bc 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,4 +1,4 @@
-ARG DOCKER_VERSION=28.5.2
+ARG DOCKER_VERSION=29.1.2
 
 
 # dind-cleaner

From a9f3ed8baa1aeb89242728d3a1d430acf6e1c791 Mon Sep 17 00:00:00 2001
From: Zhenya Tikhonov <zhenya.tikhonov@codefresh.io>
Date: Tue, 9 Dec 2025 01:44:41 +0400
Subject: [PATCH 06/17] Revert "build: bump Docker version"

This reverts commit a5b785018925dab683e38db252411837413b2199.
---
 Dockerfile | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/Dockerfile b/Dockerfile
index 21877bc..2b82be9 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,4 +1,4 @@
-ARG DOCKER_VERSION=29.1.2
+ARG DOCKER_VERSION=28.5.2
 
 
 # dind-cleaner

From 1369b0483006450cf7e8ede2e4f79b119dc08236 Mon Sep 17 00:00:00 2001
From: Zhenya Tikhonov <zhenya.tikhonov@codefresh.io>
Date: Tue, 9 Dec 2025 03:13:44 +0400
Subject: [PATCH 07/17] ci: trigger ci


From a257897d5f439cb84cb2c81c192f764d826bfc96 Mon Sep 17 00:00:00 2001
From: Zhenya Tikhonov <zhenya.tikhonov@codefresh.io>
Date: Tue, 9 Dec 2025 15:21:44 +0400
Subject: [PATCH 08/17] Reapply "build: bump Docker version"

This reverts commit a9f3ed8baa1aeb89242728d3a1d430acf6e1c791.
---
 Dockerfile | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/Dockerfile b/Dockerfile
index 2b82be9..21877bc 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,4 +1,4 @@
-ARG DOCKER_VERSION=28.5.2
+ARG DOCKER_VERSION=29.1.2
 
 
 # dind-cleaner

From 0e67bf543dfa3279c5df12c5a9d9ef781c4c6bae Mon Sep 17 00:00:00 2001
From: Mikhail Klimko <mikhail.klimko@octopus.com>
Date: Tue, 9 Dec 2025 14:49:54 +0300
Subject: [PATCH 09/17] empty


From 79e948abe76176f7bfa4a2176eb5c5b92728d1bf Mon Sep 17 00:00:00 2001
From: Zhenya Tikhonov <zhenya.tikhonov@codefresh.io>
Date: Tue, 9 Dec 2025 19:10:38 +0400
Subject: [PATCH 10/17] ci: trigger ci


From 2a92274a8ad99cb8db5ba0611fe3ed79897aeb24 Mon Sep 17 00:00:00 2001
From: Zhenya Tikhonov <zhenya.tikhonov@codefresh.io>
Date: Tue, 9 Dec 2025 19:11:48 +0400
Subject: [PATCH 11/17] build: upgrade dependencies

---
 Dockerfile | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/Dockerfile b/Dockerfile
index 21877bc..33ba938 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -2,7 +2,7 @@ ARG DOCKER_VERSION=29.1.2
 
 
 # dind-cleaner
-FROM golang:1.25-alpine3.22 AS cleaner
+FROM golang:1.25-alpine3.23 AS cleaner
 COPY cleaner/dind-cleaner/* /go/src/github.com/codefresh-io/dind-cleaner/
 WORKDIR /go/src/github.com/codefresh-io/dind-cleaner/
 RUN go mod tidy
@@ -13,7 +13,7 @@ RUN CGO_ENABLED=0 go build -o /usr/local/bin/dind-cleaner ./cmd && \
 
 
 # bbolt
-FROM golang:1.25-alpine3.22 AS bbolt
+FROM golang:1.25-alpine3.23 AS bbolt
 RUN go install go.etcd.io/bbolt/cmd/bbolt@latest
 
 

From 6b0b0197ca23b87dadb39a4c04da6ef62d30b976 Mon Sep 17 00:00:00 2001
From: Zhenya Tikhonov <zhenya.tikhonov@codefresh.io>
Date: Tue, 9 Dec 2025 22:00:19 +0400
Subject: [PATCH 12/17] fix: add `readline`

---
 Dockerfile | 1 +
 1 file changed, 1 insertion(+)

diff --git a/Dockerfile b/Dockerfile
index 33ba938..4640178 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -35,6 +35,7 @@ RUN echo 'http://dl-cdn.alpinelinux.org/alpine/v3.22/main' >> /etc/apk/repositor
 
 # Main
 FROM docker:${DOCKER_VERSION}-dind AS prod
+RUN apk add readline
 COPY --from=dependencies /bin/bash /bin/bash
 COPY --from=dependencies /usr/bin/fuse-overlayfs /usr/bin/fuse-overlayfs
 COPY --from=dependencies /usr/bin/jq /usr/bin/jq

From bd4c8998bf422658107f154536c7ece25b75af33 Mon Sep 17 00:00:00 2001
From: Zhenya Tikhonov <zhenya.tikhonov@codefresh.io>
Date: Wed, 10 Dec 2025 13:44:41 +0400
Subject: [PATCH 13/17] Revert "fix: add `readline`"

This reverts commit 6b0b0197ca23b87dadb39a4c04da6ef62d30b976.
---
 Dockerfile | 1 -
 1 file changed, 1 deletion(-)

diff --git a/Dockerfile b/Dockerfile
index 4640178..33ba938 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -35,7 +35,6 @@ RUN echo 'http://dl-cdn.alpinelinux.org/alpine/v3.22/main' >> /etc/apk/repositor
 
 # Main
 FROM docker:${DOCKER_VERSION}-dind AS prod
-RUN apk add readline
 COPY --from=dependencies /bin/bash /bin/bash
 COPY --from=dependencies /usr/bin/fuse-overlayfs /usr/bin/fuse-overlayfs
 COPY --from=dependencies /usr/bin/jq /usr/bin/jq

From 740520c8437600530dd0b9974ca2547b11218d16 Mon Sep 17 00:00:00 2001
From: Zhenya Tikhonov <zhenya.tikhonov@codefresh.io>
Date: Wed, 10 Dec 2025 13:45:00 +0400
Subject: [PATCH 14/17] Revert "build: bump Docker version"

This reverts commit a5b785018925dab683e38db252411837413b2199.
---
 Dockerfile | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/Dockerfile b/Dockerfile
index 33ba938..8c7c93e 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,4 +1,4 @@
-ARG DOCKER_VERSION=29.1.2
+ARG DOCKER_VERSION=28.5.2
 
 
 # dind-cleaner

From 42b9b92a290f837ef964bc3525dd3601513e872a Mon Sep 17 00:00:00 2001
From: Zhenya Tikhonov <zhenya.tikhonov@codefresh.io>
Date: Thu, 11 Dec 2025 17:18:11 +0400
Subject: [PATCH 15/17] build: revert dependency changes

---
 Dockerfile | 29 +++++++----------------------
 1 file changed, 7 insertions(+), 22 deletions(-)

diff --git a/Dockerfile b/Dockerfile
index 8c7c93e..5d1fa31 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,15 +1,12 @@
-ARG DOCKER_VERSION=28.5.2
-
-
 # dind-cleaner
 FROM golang:1.25-alpine3.23 AS cleaner
 COPY cleaner/dind-cleaner/* /go/src/github.com/codefresh-io/dind-cleaner/
 WORKDIR /go/src/github.com/codefresh-io/dind-cleaner/
 RUN go mod tidy
 COPY cleaner/dind-cleaner/cmd ./cmd/
-RUN CGO_ENABLED=0 go build -o /usr/local/bin/dind-cleaner ./cmd && \
-  chmod +x /usr/local/bin/dind-cleaner && \
-  rm -rf /go/*
+RUN CGO_ENABLED=0 go build -o /usr/local/bin/dind-cleaner ./cmd \
+  && chmod +x /usr/local/bin/dind-cleaner \
+  && rm -rf /go/*
 
 
 # bbolt
@@ -17,13 +14,9 @@ FROM golang:1.25-alpine3.23 AS bbolt
 RUN go install go.etcd.io/bbolt/cmd/bbolt@latest
 
 
-# node-exporter
-FROM quay.io/prometheus/node-exporter:v1.10.2 AS node-exporter
-
-
-# Install dependencies
-FROM docker:${DOCKER_VERSION}-dind AS dependencies
-RUN echo 'http://dl-cdn.alpinelinux.org/alpine/v3.22/main' >> /etc/apk/repositories \
+# Main
+FROM docker:28.5.2-dind AS prod
+RUN echo 'http://dl-cdn.alpinelinux.org/alpine/v3.23/main' >> /etc/apk/repositories \
   && apk upgrade && apk add --no-cache \
     bash \
     # Add fuse-overlayfs for compatibility with rootless. Volumes created with rootless might use fuse-overlay formatted volumes. If those volumes are later used by dind that runs with root it'll require fuse-overlay to be able to read the volume
@@ -31,18 +24,10 @@ RUN echo 'http://dl-cdn.alpinelinux.org/alpine/v3.22/main' >> /etc/apk/repositor
     jq \
     # Needed only for `update-alternatives` below
     dpkg
-
-
-# Main
-FROM docker:${DOCKER_VERSION}-dind AS prod
-COPY --from=dependencies /bin/bash /bin/bash
-COPY --from=dependencies /usr/bin/fuse-overlayfs /usr/bin/fuse-overlayfs
-COPY --from=dependencies /usr/bin/jq /usr/bin/jq
-COPY --from=dependencies /usr/bin/update-alternatives /usr/bin/update-alternatives
 # Backward compatibility with kernels that do not support `iptables-nft`. Check #CR-23033 for details.
 RUN update-alternatives --install $(which iptables) iptables $(which iptables-legacy) 10 \
   && update-alternatives --install $(which ip6tables) ip6tables $(which ip6tables-legacy) 10
-COPY --from=node-exporter /bin/node_exporter /bin/
+COPY --from=quay.io/prometheus/node-exporter:v1.10.2 /bin/node_exporter /bin/
 COPY --from=bbolt /go/bin/bbolt /bin/
 COPY --from=cleaner /usr/local/bin/dind-cleaner /bin/
 

From 3a31b0a19e5b6c36a52ff8b6d77bdd465ef1e5c6 Mon Sep 17 00:00:00 2001
From: Zhenya Tikhonov <zhenya.tikhonov@codefresh.io>
Date: Fri, 12 Dec 2025 00:11:21 +0400
Subject: [PATCH 16/17] build: upgrade Docker to v29

---
 Dockerfile | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/Dockerfile b/Dockerfile
index 5d1fa31..84f616c 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -15,7 +15,7 @@ RUN go install go.etcd.io/bbolt/cmd/bbolt@latest
 
 
 # Main
-FROM docker:28.5.2-dind AS prod
+FROM docker:29.1.2-dind AS prod
 RUN echo 'http://dl-cdn.alpinelinux.org/alpine/v3.23/main' >> /etc/apk/repositories \
   && apk upgrade && apk add --no-cache \
     bash \

From b7c03d8fc9dc755bc3bb943ca6d33d930092a17a Mon Sep 17 00:00:00 2001
From: Zhenya Tikhonov <zhenya.tikhonov@codefresh.io>
Date: Fri, 12 Dec 2025 00:52:01 +0400
Subject: [PATCH 17/17] ci: trigger ci