deploy: bump base images to Alpine 3.23

Move the build stage and final image to alpine 3.23 (current
stable, released 2025-12-03) so that a rebuild picks up:

- busybox 1.37.0-r20+ (addresses CVE-2024-58251, BusyBox netstat
  ANSI-escape DoS)
- Go 1.25.10 via golang:1.25-alpine3.23 (addresses CVE-2025-58183,
  archive/tar unbounded sparse-region allocation, fixed in 1.25.9)

Refs #3837

Signed-off-by: Davanum Srinivas <davanum@gmail.com>

Author: dims

deploy/Dockerfile

@@ -1,4 +1,4 @@
-FROM registry.hub.docker.com/library/golang:1.25-alpine3.22 AS build
+FROM registry.hub.docker.com/library/golang:1.25-alpine3.23 AS build
 
 # Install build depdencies for all supported arches
 RUN apk --no-cache add bash build-base cmake device-mapper findutils git \
@@ -49,7 +49,7 @@ RUN export GO_TAGS="libpfm,netgo"; \
     fi; \
     GO_FLAGS="-tags=$GO_TAGS" ./build/build.sh
 
-FROM mirror.gcr.io/library/alpine:3.22
+FROM mirror.gcr.io/library/alpine:3.23
 MAINTAINER dengnan@google.com vmarmol@google.com vishnuk@google.com jimmidyson@gmail.com stclair@google.com
 
 RUN apk --no-cache add libc6-compat device-mapper findutils ndctl thin-provisioning-tools zfs && \