chore: bump thornode image: update to 1.0.28-23761879 (main)

[tiljrd]

User description

Automated: bump image to tiljordan/thornode-forking:1.0.28-23761879 on base main. Automated weekly bump.

---

PR Type

Other

---

Description

• Update thornode-forking image from 1.0.25 to 1.0.28

• Bump applied across configuration files and documentation

• Update includes README, examples, and source code references

---

Diagram Walkthrough

flowchart LR
  A["thornode-forking<br/>1.0.25-23761879"] -- "version bump" --> B["thornode-forking<br/>1.0.28-23761879"]
  B --> C["README.md"]
  B --> D["Configuration Files"]
  B --> E["Source Code"]
  B --> F["Dockerfile"]

Loading

File Walkthrough

	Relevant files
Configuration changes	README.md Update thornode-forking image references                                  README.md Updated thornode-forking image version from 1.0.25 to 1.0.28 in forking configuration Updated image version in participants section +2/-2      cli-with-network.yaml Bump thornode-forking image version                                            examples/cli-with-network.yaml Updated participant image from 1.0.25 to 1.0.28 +1/-1      forking-1.0.10.yaml Bump thornode-forking image version                                            examples/forking-1.0.10.yaml Updated participant image from 1.0.25 to 1.0.28 +1/-1      forking-genesis.yaml Bump thornode-forking image references                                      examples/forking-genesis.yaml Updated forking image from 1.0.25 to 1.0.28 Updated participant image from 1.0.25 to 1.0.28 +2/-2      faucet_launcher.star Bump thornode-forking image version                                            src/faucet/faucet_launcher.star Updated faucet_image variable from 1.0.25 to 1.0.28 +1/-1      single_node_launcher.star Bump default thornode-forking image                                            src/network_launcher/single_node_launcher.star Updated default forking_image from 1.0.25 to 1.0.28 +1/-1      thorchain_defaults.json Bump thornode-forking image in defaults                                    src/package_io/thorchain_defaults.json Updated participant image from 1.0.25 to 1.0.28 Updated forking image from 1.0.25 to 1.0.28 +2/-2
Dependencies	Dockerfile Bump base thornode-forking image                                                  src/toolchain-cli/Dockerfile Updated base image FROM statement from 1.0.25 to 1.0.28 +1/-1

---

Summary by CodeRabbit

• Chores
  • Updated Thornode forking image tag to version 1.0.28-23761879 across all configuration files and documentation examples.

_{✏️ Tip: You can customize this high-level summary in your review settings.}

[coderabbitai]

Walkthrough

The pull request updates the tiljordan/thornode-forking image tag from version 1.0.25-23761879 to 1.0.28-23761879 across documentation, example configurations, launcher scripts, defaults, and the Dockerfile. No functional logic or configuration structure changes.

Changes

Cohort / File(s)	Summary
Documentation & Examples README.md, examples/cli-with-network.yaml, examples/forking-1.0.10.yaml, examples/forking-genesis.yaml	Updated thornode-forking image tag from 1.0.25-23761879 to 1.0.28-23761879 in configuration examples and documentation.
Launcher Scripts src/faucet/faucet_launcher.star, src/network_launcher/single_node_launcher.star	Updated default forking image tag from 1.0.25-23761879 to 1.0.28-23761879 in launcher implementations.
Default Configuration src/package_io/thorchain_defaults.json	Updated thornode-forking image tag in participants and forking configuration defaults from 1.0.25-23761879 to 1.0.28-23761879.
Docker Build src/toolchain-cli/Dockerfile	Updated base image tag from 1.0.25-23761879 to 1.0.28-23761879.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~8 minutes

Possibly related PRs

• chore: bump thornode image: update to 1.0.19-23596070 (main) #56: Updates thornode-forking image tag across the same files (README, examples, launchers, defaults, Dockerfile).
• chore: bump thornode image: update to 1.0.20-23621657 (main) #63: Updates thornode-forking image tag in identical files and configuration fields (examples, README, launcher, defaults, Dockerfile).
• chore: bump thornode image: update to 1.0.25-23761879 (main) #79: Modifies the same thornode-forking image references across README, examples, launcher scripts, defaults, and Dockerfile with a similar version bump pattern.

Suggested labels

Review effort 1/5

Poem

🐰 A little bump from point-two-five,
To twenty-eight, the code's alive!
Across the files, from top to base,
New images take their proper place.
✨ Version dance, so clean and neat!

Pre-merge checks and finishing touches

✅ Passed checks (3 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title accurately summarizes the main change: bumping the thornode image from 1.0.25 to 1.0.28, which is reflected across all modified files.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

✨ Finishing touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch bump-thornode-1.0.28-23761879-main

---

📜 Recent review details

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 414ef54 and eeb4274.

📒 Files selected for processing (8)

• README.md
• examples/cli-with-network.yaml
• examples/forking-1.0.10.yaml
• examples/forking-genesis.yaml
• src/faucet/faucet_launcher.star
• src/network_launcher/single_node_launcher.star
• src/package_io/thorchain_defaults.json
• src/toolchain-cli/Dockerfile

🔇 Additional comments (8)

src/faucet/faucet_launcher.star (1)

33-33: Version bump looks consistent.

The faucet image has been correctly updated to match the new thornode-forking version.

examples/forking-genesis.yaml (1)

10-10: Example configuration correctly updated.

Both forking and participant image references in this example are consistent with the version bump.

Also applies to: 16-16

src/toolchain-cli/Dockerfile (1)

1-1: Base image updated correctly.

The Dockerfile base image has been consistently updated to the new thornode-forking version.

examples/cli-with-network.yaml (1)

10-10: Example configuration updated consistently.

The participant image in this CLI example has been correctly updated to match the new version.

src/package_io/thorchain_defaults.json (1)

57-57: Verify Docker image is accessible before deployment.

Both the participant and forking image references are consistently updated to 1.0.28-23761879. However, this image cannot be found on public Docker Hub registries—it may be private, custom-built, or no longer available. Confirm the image is accessible from the deployment environment and verify it has no known security vulnerabilities before running this configuration.

README.md (1)

264-267: LGTM! Consistent image version update in documentation.

Both the forking.image and participants[0].image fields are updated consistently to version 1.0.28-23761879. The example configuration remains structurally sound.

examples/forking-1.0.10.yaml (1)

5-5: LGTM! Image version updated consistently.

The participant image is updated to 1.0.28-23761879, consistent with the version bump across other configuration files.

src/network_launcher/single_node_launcher.star (1)

12-12: Image version consistency is good, but validation of availability and breaking changes requires external verification.

The image tiljordan/thornode-forking:1.0.28-23761879 is consistently pinned across the codebase (10+ locations including README, examples, and launcher components). Git history shows this was part of an "Automated weekly bump" process (commit eeb4274, Jan 3, 2026).

However, the following cannot be conclusively verified from the codebase alone:

1. Image accessibility: Requires Docker Hub access to verify the image exists and is pullable.
2. Automated validation: An automated bump process is referenced in git history, but no validation/testing logic is visible in the codebase for confirming image stability or compatibility.
3. Breaking changes (1.0.25 → 1.0.28): No changelog, version documentation, or test suite exists to assess potential breaking changes between versions.

If the automated bump process includes image validation and testing, consider documenting this in the repository or adding visible CI/CD checks that can be reviewed alongside code changes.

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[qodo-code-review]

PR Compliance Guide 🔍

Below is a summary of compliance checks for this PR:

Security Compliance
⚪	Unpinned container image Description: The PR updates multiple references to the third-party container image tiljordan/thornode-forking:1.0.28-23761879 using a mutable tag (not pinned by digest), which introduces a supply-chain risk where the image contents could change or be replaced upstream without code changes (e.g., compromise of the registry/repo leading to malicious image being pulled). Dockerfile [1-1] Referred Code FROM tiljordan/thornode-forking:1.0.28-23761879
Ticket Compliance
⚪	🎫 No ticket provided Create ticket/issue
Codebase Duplication Compliance
⚪	Codebase context is not defined Follow the guide to enable codebase context checks.
Custom Compliance
🟢	Generic: Comprehensive Audit Trails Objective: To create a detailed and reliable record of critical system actions for security analysis and compliance. Status: Passed Learn more about managing compliance generic rules or creating your own custom rules
	Generic: Meaningful Naming and Self-Documenting Code Objective: Ensure all identifiers clearly express their purpose and intent, making code self-documenting Status: Passed Learn more about managing compliance generic rules or creating your own custom rules
	Generic: Robust Error Handling and Edge Case Management Objective: Ensure comprehensive error handling that provides meaningful context and graceful degradation Status: Passed Learn more about managing compliance generic rules or creating your own custom rules
	Generic: Secure Error Handling Objective: To prevent the leakage of sensitive system information through error messages while providing sufficient detail for internal debugging. Status: Passed Learn more about managing compliance generic rules or creating your own custom rules
	Generic: Secure Logging Practices Objective: To ensure logs are useful for debugging and auditing without exposing sensitive information like PII, PHI, or cardholder data. Status: Passed Learn more about managing compliance generic rules or creating your own custom rules
	Generic: Security-First Input Validation and Data Handling Objective: Ensure all data inputs are validated, sanitized, and handled securely to prevent vulnerabilities Status: Passed Learn more about managing compliance generic rules or creating your own custom rules

Compliance status legend

🟢 - Fully Compliant
🟡 - Partial Compliant
🔴 - Not Compliant
⚪ - Requires Further Human Verification
🏷️ - Compliance label

[qodo-code-review]

PR Code Suggestions ✨

Explore these optional code suggestions:

Category	Suggestion	Impact
General	Derive faucet image from config Replace the hardcoded faucet_image string with the value from chain_cfg["forking"]["image"] to avoid duplication and ensure it stays in sync with the main forking image configuration. src/faucet/faucet_launcher.star [33] -faucet_image = "tiljordan/thornode-forking:1.0.28-23761879" +if "forking" not in chain_cfg or "image" not in chain_cfg["forking"]: + fail("Configuration error: 'forking.image' must be specified for faucet on chain " + chain_name) +faucet_image = chain_cfg["forking"]["image"] Apply / Chat Suggestion importance[1-10]: 8 __ Why: This is a strong suggestion that improves maintainability by removing a hardcoded image string and deriving it from a central configuration, adhering to the DRY principle.	Medium
Possible issue	Remove hard-coded default image Instead of using a hardcoded fallback for the forking_image, modify the code to require forking.image to be explicitly defined in the configuration and fail if it is missing. src/network_launcher/single_node_launcher.star [12] -forking_image = forking_config.get("image", "tiljordan/thornode-forking:1.0.28-23761879") +if "image" not in forking_config: + fail("Configuration error: 'forking.image' must be specified for chain " + chain_name) +forking_image = forking_config["image"] Apply / Chat Suggestion importance[1-10]: 7 __ Why: The suggestion correctly identifies a maintainability issue with a hardcoded fallback value and proposes making the configuration explicit, which is a robust design choice.	Medium
More