From e91500616179c70e15b2141fa739cf03d683296b Mon Sep 17 00:00:00 2001
From: Andy Wilkinson <awilkinson@pivotal.io>
Date: Thu, 1 Nov 2018 11:32:07 +0000
Subject: [PATCH] Use sha256 hashes for Docker base images to ensure
 repeatability

Closes gh-15056
---
 ci/images/spring-boot-ci-image/Dockerfile       | 3 ++-
 ci/images/spring-boot-jdk10-ci-image/Dockerfile | 3 ++-
 ci/images/spring-boot-jdk9-ci-image/Dockerfile  | 3 ++-
 3 files changed, 6 insertions(+), 3 deletions(-)

diff --git a/ci/images/spring-boot-ci-image/Dockerfile b/ci/images/spring-boot-ci-image/Dockerfile
index d56672b269..390dddd43f 100644
--- a/ci/images/spring-boot-ci-image/Dockerfile
+++ b/ci/images/spring-boot-ci-image/Dockerfile
@@ -1,4 +1,5 @@
-FROM openjdk:8u181-jdk
+# 1.8.0_181-8u181-b13-1~deb9u1-b13
+FROM openjdk@sha256:1b842a215cf3437c9197f0f47e5c1a12f0a27aed27b84536ee3d8ef6b9b7e19e
 
 RUN apt-get update && \
     apt-get install -y git && \
diff --git a/ci/images/spring-boot-jdk10-ci-image/Dockerfile b/ci/images/spring-boot-jdk10-ci-image/Dockerfile
index 58de2bb5b0..27efc5b4a7 100644
--- a/ci/images/spring-boot-jdk10-ci-image/Dockerfile
+++ b/ci/images/spring-boot-jdk10-ci-image/Dockerfile
@@ -1,4 +1,5 @@
-FROM openjdk:10.0.2-13-jdk
+# 10.0.2+13-Debian-2
+FROM openjdk@sha256:6f481d9b45665cbfd39309ef72dc2afe628ff4721c29d3c5b8852287e6cb8668
 
 RUN apt-get update && \
     apt-get install -y git && \
diff --git a/ci/images/spring-boot-jdk9-ci-image/Dockerfile b/ci/images/spring-boot-jdk9-ci-image/Dockerfile
index 2bd272dd50..2c4884f53f 100644
--- a/ci/images/spring-boot-jdk9-ci-image/Dockerfile
+++ b/ci/images/spring-boot-jdk9-ci-image/Dockerfile
@@ -1,4 +1,5 @@
-FROM openjdk:9.0.4-12-jdk
+# 9.0.4+12-Debian-4
+FROM openjdk@sha256:0e48e7e79d9e5637ee5d9c4a4fa2615c7bde69390aab06f7105eb4a8ebec8383
 
 RUN apt-get update && \
     apt-get install -y git && \