chore(deps): update registry.access.redhat.com/ubi9/skopeo docker tag to v9.7-1777555946

[red-hat-konflux]

This PR contains the following updates:

Package	Type	Update	Change
registry.access.redhat.com/ubi9/skopeo	final	patch	9.7-1776864511 → 9.7-1777555946

---

Configuration

📅 Schedule: Branch creation - Only on Sunday and Saturday ( * * * * 0,6 ) (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

To execute skipped test pipelines write comment /ok-to-test.

---

Documentation

Find out how to configure dependency updates in MintMaker documentation or see all available configuration options in Renovate documentation.

[coderabbitai]

Walkthrough

The Docker base image in the kata-install build is updated from version 9.7-1776864511 to 9.7-1777555946. No functional code, build logic, or runtime behavior is modified.

Changes

Docker Base Image Update

Layer / File(s)	Summary
Image Version scripts/kata-install/Dockerfile	Base image updated from registry.access.redhat.com/ubi9/skopeo:9.7-1776864511 to registry.access.redhat.com/ubi9/skopeo:9.7-1777555946.

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~2 minutes

🚥 Pre-merge checks | ✅ 12

✅ Passed checks (12 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title clearly and specifically describes the main change: updating a Docker base image tag in the Dockerfile.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Stable And Deterministic Test Names	✅ Passed	The custom check for stable Ginkgo test names is not applicable; this PR only updates a Docker base image tag with no test code modifications.
Test Structure And Quality	✅ Passed	The custom check for Ginkgo test structure and quality is not applicable to this pull request. The PR only modifies scripts/kata-install/Dockerfile, updating a container image tag. No test files were modified.
Microshift Test Compatibility	✅ Passed	PR only updates Docker base image tag; no new Ginkgo e2e tests added, so MicroShift compatibility check is not applicable.
Single Node Openshift (Sno) Test Compatibility	✅ Passed	No new Ginkgo e2e tests added; SNO compatibility check not applicable and passes by default.
Topology-Aware Scheduling Compatibility	✅ Passed	This pull request only updates a Docker base image tag in a Dockerfile from version 9.7-1776864511 to 9.7-1777555946. This is a build artifact dependency update and does not introduce any scheduling constraints, topology assumptions, pod affinity rules, node selectors, or other scheduling-related configuration.
Ote Binary Stdout Contract	✅ Passed	This pull request only modifies a Docker base image tag in scripts/kata-install/Dockerfile, which contains no executable Go code, so the OTE Binary Stdout Contract check does not apply.
Ipv6 And Disconnected Network Test Compatibility	✅ Passed	PR only updates Docker base image tag in Dockerfile; no new Ginkgo e2e tests added, so custom check not applicable.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch konflux/mintmaker/devel/registry.access.redhat.com-ubi9-skopeo-9.x

---

_{Review rate limit: 7/10 reviews remaining, refill in 17 minutes and 49 seconds.}

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[openshift-ci]

Hi @red-hat-konflux[bot]. Thanks for your PR.

I'm waiting for a openshift member to verify that this patch is reasonable to test. If it is, they should reply with /ok-to-test on its own line. Until that is done, I will not automatically test new commits in this PR, but the usual testing commands by org members will still work.

Regular contributors should join the org to skip this step.

Once the patch is verified, the new status will be reflected by the ok-to-test label.

I understand the commands that are listed here.

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

[coderabbitai]

🧹 Nitpick comments (1)

scripts/kata-install/Dockerfile (1)

1-1: Pin the base image by digest to ensure reproducible builds.

Use registry.access.redhat.com/ubi9/skopeo:9.7-1777555946@sha256:<digest> instead of the mutable tag. This avoids tag drift and strengthens supply-chain reproducibility per Red Hat's documented best practices. You can obtain the digest using skopeo inspect docker://registry.access.redhat.com/ubi9/skopeo:9.7-1777555946.

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@scripts/kata-install/Dockerfile` at line 1, Replace the mutable base image
tag in the Dockerfile FROM line by pinning to the digest: run skopeo inspect
docker://registry.access.redhat.com/ubi9/skopeo:9.7-1777555946 to get the sha256
digest and update the FROM instruction to use
registry.access.redhat.com/ubi9/skopeo:9.7-1777555946@sha256:<digest> so the
Dockerfile's base image is immutable and reproducible.

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Nitpick comments:
In `@scripts/kata-install/Dockerfile`:
- Line 1: Replace the mutable base image tag in the Dockerfile FROM line by
pinning to the digest: run skopeo inspect
docker://registry.access.redhat.com/ubi9/skopeo:9.7-1777555946 to get the sha256
digest and update the FROM instruction to use
registry.access.redhat.com/ubi9/skopeo:9.7-1777555946@sha256:<digest> so the
Dockerfile's base image is immutable and reproducible.

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Repository: openshift/coderabbit/.coderabbit.yaml

Review profile: CHILL

Plan: Enterprise

Run ID: 9643cabc-d065-4f02-bde2-3689f86ff738

📥 Commits

Reviewing files that changed from the base of the PR and between 10a4824 and 85d2216.

📒 Files selected for processing (1)

• scripts/kata-install/Dockerfile