So it took me ~3 hours to fix a Bug that should've taken ~10 minutes ...
I was trying to mitigate an issue with one of our Alpine Linux-based images, where our IBM Container Registry (ICR) Vulnerability Advisor (VA) tool was (rightly) complaining about our exposure to CVE-2021-36159 with apk-tools.
I knew that the mitigation was to update the Dockerfile to ensure that this package was updated.
However, given that I'm building from someone else's GH project, where I don't control the Dockerfile per se, I wanted to have my Jenkins Pipeline job amend the Dockerfile "in flight".
So the Dockerfile had the line: -
FROM alpine:3.13 AS run