chore: update k0s images

[replicated-ci-ec]

Automated changes by the image-deps-updater GitHub action

[github-actions]

This PR has been released (on staging) and is available for download with a embedded-cluster-smoke-test-staging-app license ID.

Online Installer:

curl "https://staging.replicated.app/embedded/embedded-cluster-smoke-test-staging-app/ci/appver-dev-ab982c6" -H "Authorization: $EC_SMOKE_TEST_LICENSE_ID" -o embedded-cluster-smoke-test-staging-app-ci.tgz

Airgap Installer (may take a few minutes before the airgap bundle is built):

curl "https://staging.replicated.app/embedded/embedded-cluster-smoke-test-staging-app/ci-airgap/appver-dev-ab982c6?airgap=true" -H "Authorization: $EC_SMOKE_TEST_LICENSE_ID" -o embedded-cluster-smoke-test-staging-app-ci.tgz

Happy debugging!

[cursor]

Bug: Non-immutable image digests for identical tags

SHA256 digests are changing for images with identical version tags (e.g., v3.28.5-amd64, 1.13.1-amd64, 3.9-amd64). Container image digests should be immutable for a given version tag. Changing digests for the same version indicates either image re-tagging (breaking reproducibility and security verification) or incorrect digest values, both of which compromise supply chain security and deployment reliability.

 

[cursor]

Bug: Immutable digests for same version tags broken.

SHA256 digests are changing for images with identical version tags (e.g., 1.13.1-amd64, v1.33.5-amd64, 3.10.1-amd64). Container image digests should be immutable for a given version tag. Changing digests for the same version indicates either image re-tagging (breaking reproducibility and security verification) or incorrect digest values, both of which compromise supply chain security and deployment reliability.