We should refer to images on production using a naming like this rather than

/org/hichee-production/image/hichee-production@sha256:82e0fd45f5dbb8b40d74bb699cde3973eae7b631620b41bbd2ddd54191aec05b

rather than the current:

/org/hichee-production/image/hichee-production:964_8d258e9

The reason is that when reverting a hacked image, we're sure what image we're reverting to...

CC: @borela @dzirtusss

Details on the type of hack:

The type of attacker you're referring to is typically known as a "supply chain attacker" or specifically a "container image poisoning attacker." In this scenario, the attacker infiltrates the container supply chain by replacing legitimate Docker images with malicious ones while maintaining the same tags. This is a form of image poisoning or tag squatting where the goal is to infect production environments with malware by compromising the image repository or distribution process.

Ensuring image integrity through measures like image signing (e.g., Docker Content Trust) or using private registries can help mitigate these risks.