[eno] Pinning Docker Version to 1.24.13 for cve fix (#569) (#570)

CVE fix in docker file
ruinanliu@ruinanliu-work:~/go/src/go.goms.io/aks/eno$ trivy image
--ignore-unfixed ruinandevacr.azurecr.io/eno-reconciler:0.0.1-cve
2026-02-19T15:44:29-08:00 INFO Vulnerability scanning is enabled
2026-02-19T15:44:29-08:00 INFO Secret scanning is enabled
2026-02-19T15:44:29-08:00 INFO If your scanning is slow, please try
'--scanners vuln' to disable secret scanning
2026-02-19T15:44:29-08:00 INFO Please see also

https://aquasecurity.github.io/trivy/v0.52/docs/scanner/secret/#recommendation
for faster secret detection
2026-02-19T15:44:29-08:00 INFO Detected OS family="debian"
version="13.3"
2026-02-19T15:44:29-08:00 INFO [debian] Detecting vulnerabilities...
os_version="13" pkg_num=4
2026-02-19T15:44:29-08:00 INFO Number of language-specific files num=1
2026-02-19T15:44:29-08:00 INFO [gobinary] Detecting vulnerabilities...

ruinandevacr.azurecr.io/eno-reconciler:0.0.1-cve (debian 13.3)

Total: 0 (UNKNOWN: 0, LOW: 0, MEDIUM: 0, HIGH: 0, CRITICAL: 0)

Author: ruinan-liu

docker/eno-controller/Dockerfile

@@ -1,4 +1,6 @@
 FROM mcr.microsoft.com/devcontainers/go:1.24 AS builder
+# Set GOTOOLCHAIN to ensure the specific version is used during build for fix CVE-2025-68121
+ENV GOTOOLCHAIN=go1.24.13
 WORKDIR /app
 
 ADD go.mod .

docker/eno-reconciler/Dockerfile

@@ -1,4 +1,6 @@
 FROM mcr.microsoft.com/devcontainers/go:1.24 AS builder
+# Set GOTOOLCHAIN to ensure the specific version is used during build for fix CVE-2025-68121
+ENV GOTOOLCHAIN=go1.24.13
 WORKDIR /app
 
 ADD go.mod .