Release Chronograf 1.10.5

[powersj]

Thank you!

[tianon]

😬 I do not recommend using FROM alpine:3 -- while convenient, it's what I'd call a "square wheel" and when it rolls, you might get unexpected breakage, so we prefer to see explicit testing/verification/bumping. 🙇

[yosifkit]

To expand upon @tianon's comment: Being from the minor version is safer (e.g. FROM alpine:3.20) but specifying the specific patch (3.20.0) would just create extra work (more PRs to keep up-to-date). A version like 3.20 would allow the image to be automatically rebuilt for "stable" updates (e.g. when 3.20.1 is released). But a plain 3 would mean a rebuild at the 3.21.0 release which is more likely to have breaking changes, aka the "square wheel"; we've seen everything from major library changes that causes the build to fail (like openssl to libressl and back to openssl) to the apk-provided libraries/binaries using newer syscalls causing the container to fail to run for many users because of libseccomp denials (#16829).

[powersj]

I will always defer to your recommendations. Let me update our images to go back to specific minor releases and push an update once I get a review internally.

But a plain 3 would mean a rebuild at the 3.21.0 release

Right, this was the behavior we thought we wanted. We get requests each time a new Alpine minor release comes out and I had assumed the risk of auto-moving was low for our products and the Alpine images.

[github-actions]

Diff for a1c777f:

diff --git a/_bashbrew-cat b/_bashbrew-cat
index ae2a31e..dbc3f4c 100644
--- a/_bashbrew-cat
+++ b/_bashbrew-cat
@@ -1,6 +1,6 @@
 Maintainers: Brandon Pfeifer <[email protected]> (@bnpfeife), Josh Powers <[email protected]> (@powersj), Sven Rebhan <[email protected]> (@srebhan), Dane Strandboge <[email protected]> (@DStrand1)
 GitRepo: https://github.com/influxdata/influxdata-docker
-GitCommit: 1a58dee982ca7f110b9d7478f55c6ee2837ec3bb
+GitCommit: 0854be83296d30acd6e2b75f106f026cb051cbda
 
 Tags: 1.7, 1.7.17
 Architectures: amd64, arm32v7, arm64v8
@@ -23,9 +23,9 @@ Directory: chronograf/1.9
 Tags: 1.9-alpine, 1.9.4-alpine
 Directory: chronograf/1.9/alpine
 
-Tags: 1.10, 1.10.4, latest
+Tags: 1.10, 1.10.5, latest
 Architectures: amd64, arm32v7, arm64v8
 Directory: chronograf/1.10
 
-Tags: 1.10-alpine, 1.10.4-alpine, alpine
+Tags: 1.10-alpine, 1.10.5-alpine, alpine
 Directory: chronograf/1.10/alpine
diff --git a/_bashbrew-list b/_bashbrew-list
index 066da14..34aeb27 100644
--- a/_bashbrew-list
+++ b/_bashbrew-list
@@ -12,7 +12,7 @@ chronograf:1.9.4
 chronograf:1.9.4-alpine
 chronograf:1.10
 chronograf:1.10-alpine
-chronograf:1.10.4
-chronograf:1.10.4-alpine
+chronograf:1.10.5
+chronograf:1.10.5-alpine
 chronograf:alpine
 chronograf:latest
diff --git a/chronograf_1.7.17-alpine/Dockerfile b/chronograf_1.7.17-alpine/Dockerfile
index 5d33b5a..e9a258c 100644
--- a/chronograf_1.7.17-alpine/Dockerfile
+++ b/chronograf_1.7.17-alpine/Dockerfile
@@ -1,4 +1,4 @@
-FROM alpine:3.17
+FROM alpine:3.20
 
 RUN echo 'hosts: files dns' >> /etc/nsswitch.conf
 RUN apk add --no-cache ca-certificates && \
diff --git a/chronograf_1.8.10-alpine/Dockerfile b/chronograf_1.8.10-alpine/Dockerfile
index 22b3a23..06190dc 100644
--- a/chronograf_1.8.10-alpine/Dockerfile
+++ b/chronograf_1.8.10-alpine/Dockerfile
@@ -1,4 +1,4 @@
-FROM alpine:3.17
+FROM alpine:3.20
 
 RUN echo 'hosts: files dns' >> /etc/nsswitch.conf
 RUN apk add --no-cache ca-certificates && \
diff --git a/chronograf_1.9.4-alpine/Dockerfile b/chronograf_1.9.4-alpine/Dockerfile
index 92b20ed..e86b62c 100644
--- a/chronograf_1.9.4-alpine/Dockerfile
+++ b/chronograf_1.9.4-alpine/Dockerfile
@@ -1,4 +1,4 @@
-FROM alpine:3.17
+FROM alpine:3.20
 
 RUN echo 'hosts: files dns' >> /etc/nsswitch.conf
 RUN apk add --no-cache ca-certificates && \
diff --git a/chronograf_alpine/Dockerfile b/chronograf_alpine/Dockerfile
index d4567d7..d88b550 100644
--- a/chronograf_alpine/Dockerfile
+++ b/chronograf_alpine/Dockerfile
@@ -1,10 +1,10 @@
-FROM alpine:3.18
+FROM alpine:3.20
 
 RUN echo 'hosts: files dns' >> /etc/nsswitch.conf
 RUN apk add --no-cache ca-certificates su-exec && \
     update-ca-certificates
 
-ENV CHRONOGRAF_VERSION 1.10.4
+ENV CHRONOGRAF_VERSION 1.10.5
 
 RUN set -ex && \
     mkdir ~/.gnupg; \
diff --git a/chronograf_latest/Dockerfile b/chronograf_latest/Dockerfile
index d177516..282410c 100644
--- a/chronograf_latest/Dockerfile
+++ b/chronograf_latest/Dockerfile
@@ -11,7 +11,7 @@ RUN set -ex && \
         gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys "$key" ; \
     done
 
-ENV CHRONOGRAF_VERSION 1.10.4
+ENV CHRONOGRAF_VERSION 1.10.5
 RUN ARCH= && dpkgArch="$(dpkg --print-architecture)" && \
     case "${dpkgArch##*-}" in \
       amd64) ARCH='amd64';; \

Relevant Maintainers:

• chronograf: @bnpfeife @powersj @srebhan @DStrand1