Ensure 'apk' add has pinned version for package

When using apk add without pinned version, you get the default latest version without knowing which is it, this can lead to incompatibility, but worse than that, a risk due to unknown vulnerabilities exist in the unknown version which included in the image.

Risk Level: medium
Platform: Docker
Spectral Rule ID: DOCKR054

REMEDIATION

Add pinned version to apk add.

FROM alpine:3.16
- RUN apk add curl
+ RUN apk add curl=7.84.0-r0

Read more: