chore(ci): drop docker digests

[DerekRoberts]

Description

Please provide a summary of the change and the issue fixed. Please include relevant context. List dependency changes.

Fixes # (issue)

Type of change

Please delete options that are not relevant.

• Bug fix (non-breaking change which fixes an issue)
• New feature (non-breaking change which adds functionality)
• Breaking change (fix or feature that would cause existing functionality to not work as expected)
• This change requires a documentation update

How Has This Been Tested?

Please describe the tests that you ran to verify your changes. Provide instructions so we can reproduce. Please also list any relevant details for your test configuration

• Test A
• Test B

Checklist

• I have read the CONTRIBUTING doc
• I have performed a self-review of my own code
• I have commented my code, particularly in hard-to-understand areas
• I have made corresponding changes to the documentation
• My changes generate no new warnings
• I have added tests that prove my fix is effective or that my feature works
• New and existing unit tests pass locally with my changes
• Any dependent changes have already been accepted and merged

Further comments

---

Thanks for the PR!

Deployments, as required, will be available below:

• Java
• Py
• Go

Please create PRs in draft mode. Mark as ready to enable:

• Analysis Workflow

After merge, new images are deployed in:

• Merge Workflow

[Copilot]

Pull Request Overview

Removes pinned digests from Docker Compose service images to simplify tag updates and maintenance.

• Dropped @sha256 digests for all service images (database, migrations, backend).
• Simplified tags to major versions (e.g., postgres:15, flyway/flyway:9-alpine, python:3.13).
• Retained the stability comment for python:3.11-slim-buster after removing its digest.

Files not reviewed (5)

• backend-go/Dockerfile: Language not supported
• backend-go/db/Dockerfile: Language not supported
• backend-java/Dockerfile: Language not supported
• backend-py/Dockerfile: Language not supported
• backend-py/db/Dockerfile: Language not supported

Comments suppressed due to low confidence (1)

docker-compose.yml:40

• [nitpick] Removing the digest pinning can lead to non-reproducible builds. Consider keeping image digests or documenting the trade-offs to ensure predictable deployments.

image: postgres:15

[Copilot]

Pull Request Overview

This chore removes docker digests from the image references in the docker-compose file, switching to tag-based versioning.

• Removed image digests for the postgres, flyway, and python images
• Simplified image references to use tags only

Files not reviewed (5)

• backend-go/Dockerfile: Language not supported
• backend-go/db/Dockerfile: Language not supported
• backend-java/Dockerfile: Language not supported
• backend-py/Dockerfile: Language not supported
• backend-py/db/Dockerfile: Language not supported

Comments suppressed due to low confidence (5)

docker-compose.yml:40

• Dropping the image digest here means that the postgres image is now based solely on the tag, which might lead to non-deterministic builds if the tag is updated. Consider whether this trade-off aligns with your deployment strategy.

image: postgres:15

docker-compose.yml:50

• Using only the tag for the flyway image can result in pulling unintended updates; ensure that the deployment process accounts for potential version drift.

image: flyway/flyway:9-alpine

docker-compose.yml:63

• Dropping the digest here too means that the flyway image for the python migrations relies solely on the tag. Reconfirm that image updates are managed appropriately in your CI/CD pipeline.

image: flyway/flyway:9-alpine

docker-compose.yml:106

• Switching to tag-only reference for the python image may lead to non-reproducible builds if the tag changes; verify that version consistency is ensured elsewhere in your process.

image: python:3.13

docker-compose.yml:122

• As with the other python image reference, omitting the digest here means reliance on the tag. Confirm that appropriate measures are in place to avoid unexpected image updates.

image: python:3.13