Skip to content

Update docker container version in /tools/AttackSurfaceAnalyzer#27053

Open
adityapatwardhan wants to merge 1 commit intomasterfrom
fixADOCoPilotIssueAttackSurfaceAnalyzer
Open

Update docker container version in /tools/AttackSurfaceAnalyzer#27053
adityapatwardhan wants to merge 1 commit intomasterfrom
fixADOCoPilotIssueAttackSurfaceAnalyzer

Conversation

@adityapatwardhan
Copy link
Member

@adityapatwardhan adityapatwardhan commented Mar 18, 2026

PR Summary

This pull request updates the Docker base image used for the test execution environment in tools/AttackSurfaceAnalyzer/docker/Dockerfile. The change switches to a newer image digest, which may include important security patches or improvements.

Docker image update:

  • Updated the base image for asa-runner from digest 28f3a59216a7f91dfc4730ea47e236e2ffbb519975725bf8231f57e69dab3ca8 to cb171fbed1d295688e8feb0df50fc7a21e4ed2fc4b02718370a37a6950fa43a9 in Dockerfile, ensuring the environment uses the latest available version.

PR Context

ADO CoPilot suggestion

PR Checklist

Copilot AI review requested due to automatic review settings March 18, 2026 18:47
@adityapatwardhan adityapatwardhan requested a review from a team as a code owner March 18, 2026 18:47
Copilot AI reviewed Mar 18, 2026
View reviewed changes
Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Updates the pinned base image digest used by the AttackSurfaceAnalyzer Windows container, keeping the ASA test environment aligned with the intended dotnet/sdk:9.0-windowsservercore-ltsc2022 image while maintaining reproducible builds via digest pinning.

Changes:

  • Updated the mcr.microsoft.com/dotnet/sdk:9.0-windowsservercore-ltsc2022 image SHA256 digest used for the asa-runner stage.

You can also share your feedback on Copilot code review. Take the survey.

kilasuit
kilasuit reviewed Mar 18, 2026
View reviewed changes
tools/AttackSurfaceAnalyzer/docker/Dockerfile

# Stage 1: Test execution environment
FROM mcr.microsoft.com/dotnet/sdk:9.0-windowsservercore-ltsc2022@sha256:28f3a59216a7f91dfc4730ea47e236e2ffbb519975725bf8231f57e69dab3ca8 AS asa-runner
FROM mcr.microsoft.com/dotnet/sdk:9.0-windowsservercore-ltsc2022@sha256:cb171fbed1d295688e8feb0df50fc7a21e4ed2fc4b02718370a37a6950fa43a9 AS asa-runner
Copy link
Collaborator

@kilasuit kilasuit Mar 18, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Checking on https://mcr.microsoft.com/en-us/artifact/mar/dotnet/sdk/tag/9.0-windowsservercore-ltsc2022 it seems the current & only sha256 hash is

sha256:b884c6c8d4a997483b54e46b966a3bb36fc129c8375fb857934360f4f1b8b77c

Unless you are seeing otherwise via other tooling at all

Suggested change
FROM mcr.microsoft.com/dotnet/sdk:9.0-windowsservercore-ltsc2022@sha256:cb171fbed1d295688e8feb0df50fc7a21e4ed2fc4b02718370a37a6950fa43a9 AS asa-runner
FROM mcr.microsoft.com/dotnet/sdk:9.0-windowsservercore-ltsc2022@sha256:b884c6c8d4a997483b54e46b966a3bb36fc129c8375fb857934360f4f1b8b77c AS asa-runner

@adityapatwardhan adityapatwardhan added the CL-BuildPackaging Indicates that a PR should be marked as a build or packaging change in the Change Log label Mar 18, 2026
daxian-dbw
daxian-dbw approved these changes Mar 19, 2026
View reviewed changes
Copy link
Member

@daxian-dbw daxian-dbw left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@adityapatwardhan Does this PR need to be backported to release branches?

@microsoft-github-policy-service microsoft-github-policy-service bot added the Review - Needed The PR is being reviewed label Mar 26, 2026
@microsoft-github-policy-service
Copy link
Contributor

microsoft-github-policy-service bot commented Mar 26, 2026

This pull request has been automatically marked as Review Needed because it has been there has not been any activity for 7 days.
Maintainer, please provide feedback and/or mark it as Waiting on Author

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@daxian-dbw daxian-dbw daxian-dbw approved these changes

@jshigetomi jshigetomi Awaiting requested review from jshigetomi jshigetomi is a code owner

+1 more reviewer

@kilasuit kilasuit kilasuit left review comments

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

BackPort-7.4.x-Consider BackPort-7.5.x-Consider BackPort-7.6.x-Consider CL-BuildPackaging Indicates that a PR should be marked as a build or packaging change in the Change Log Review - Needed The PR is being reviewed

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@adityapatwardhan @daxian-dbw @kilasuit