From ae8e105b3af0fda62a21665b8bcd171b723316ed Mon Sep 17 00:00:00 2001
From: Michael Fritch <mfritch@suse.com>
Date: Mon, 25 Mar 2024 05:53:55 -0600
Subject: [PATCH] Update base image to v1.21.8b1

also fixup failing trivy image scan

Issue: https://github.com/rancher/rke2/issues/5089
Signed-off-by: Michael Fritch <mfritch@suse.com>
---
 .drone.yml       | 12 ++++++------
 Dockerfile.amd64 |  2 +-
 Dockerfile.arm64 |  4 ++--
 Makefile         |  6 +++---
 4 files changed, 12 insertions(+), 12 deletions(-)

diff --git a/.drone.yml b/.drone.yml
index a54c01b..2ee2b2e 100644
--- a/.drone.yml
+++ b/.drone.yml
@@ -10,7 +10,7 @@ platform:
 steps:
 - name: build
   pull: always
-  image: rancher/hardened-build-base:v1.20.4b11
+  image: rancher/hardened-build-base:v1.21.8b1
   commands:
   - make DRONE_TAG=${DRONE_TAG} image-build-operator
   - make DRONE_TAG=${DRONE_TAG} image-build-network-config-daemon
@@ -20,7 +20,7 @@ steps:
     path: /var/run/docker.sock
 
 - name: publish
-  image: rancher/hardened-build-base:v1.20.4b11
+  image: rancher/hardened-build-base:v1.21.8b1
   commands:
   - docker login -u $DOCKER_USERNAME -p $DOCKER_PASSWORD
   - make DRONE_TAG=${DRONE_TAG} image-push-operator
@@ -39,7 +39,7 @@ steps:
     - tag
 
 - name: scan
-  image: rancher/hardened-build-base:v1.20.4b11
+  image: rancher/hardened-build-base:v1.21.8b1
   commands:
   - make DRONE_TAG=${DRONE_TAG} image-scan-operator
   - make DRONE_TAG=${DRONE_TAG} image-scan-network-config-daemon
@@ -65,7 +65,7 @@ platform:
 steps:
 - name: build
   pull: always
-  image: rancher/hardened-build-base:v1.20.4b11
+  image: rancher/hardened-build-base:v1.21.8b1
   commands:
   - make DRONE_TAG=${DRONE_TAG} image-build-operator
   - make DRONE_TAG=${DRONE_TAG} image-build-network-config-daemon
@@ -75,7 +75,7 @@ steps:
     path: /var/run/docker.sock
 
 - name: publish
-  image: rancher/hardened-build-base:v1.20.4b11
+  image: rancher/hardened-build-base:v1.21.8b1
   commands:
   - docker login -u $DOCKER_USERNAME -p $DOCKER_PASSWORD
   - make DRONE_TAG=${DRONE_TAG} image-push-operator
@@ -94,7 +94,7 @@ steps:
     - tag
 
 - name: scan
-  image: rancher/hardened-build-base:v1.20.4b11
+  image: rancher/hardened-build-base:v1.21.8b1
   commands:
   - make DRONE_TAG=${DRONE_TAG} image-scan-operator
   - make DRONE_TAG=${DRONE_TAG} image-scan-network-config-daemon
diff --git a/Dockerfile.amd64 b/Dockerfile.amd64
index cd43785..8914fef 100644
--- a/Dockerfile.amd64
+++ b/Dockerfile.amd64
@@ -1,6 +1,6 @@
 # last commit on 2021-10-06
 ARG TAG="v1.2.0"
-ARG GOBORING_VERSION=v1.20.4b11
+ARG GOBORING_VERSION=v1.21.8b1
 ARG BCI_IMAGE=registry.suse.com/bci/bci-base
 ARG HARDENED_IMAGE=rancher/hardened-build-base:${GOBORING_VERSION}
 ARG ARCH
diff --git a/Dockerfile.arm64 b/Dockerfile.arm64
index 409c7d9..2c4fc12 100644
--- a/Dockerfile.arm64
+++ b/Dockerfile.arm64
@@ -1,6 +1,6 @@
 # last commit on 2021-10-06
 ARG TAG="v1.2.0"
-ARG GOBORING_VERSION=v1.20.4b11
+ARG GOBORING_VERSION=v1.21.8b1
 ARG BCI_IMAGE=registry.suse.com/bci/bci-base
 ARG HARDENED_IMAGE=rancher/hardened-build-base:${GOBORING_VERSION}
 ARG ARCH
@@ -49,4 +49,4 @@ FROM ${BCI_IMAGE} as operator
 WORKDIR /
 COPY --from=builder /go/sriov-network-operator/build/_output/linux/arm64/manager /usr/bin/sriov-network-operator
 COPY --from=builder /go/sriov-network-operator/bindata /bindata
-ENTRYPOINT ["/usr/bin/sriov-network-operator"]
\ No newline at end of file
+ENTRYPOINT ["/usr/bin/sriov-network-operator"]
diff --git a/Makefile b/Makefile
index 164d264..adfb663 100644
--- a/Makefile
+++ b/Makefile
@@ -42,7 +42,7 @@ image-push-operator:
 
 .PHONY: image-scan-operator
 image-scan-operator:
-	trivy --severity $(SEVERITIES) --no-progress --ignore-unfixed $(ORG)/hardened-sriov-network-operator:$(TAG)
+	trivy image --severity $(SEVERITIES) --no-progress --ignore-unfixed $(ORG)/hardened-sriov-network-operator:$(TAG)
 
 .PHONY: image-build-network-config-daemon
 image-build-network-config-daemon:
@@ -63,7 +63,7 @@ image-push-network-config-daemon:
 
 .PHONY: image-scan-network-config-daemon
 image-scan-network-config-daemon:
-	trivy --severity $(SEVERITIES) --no-progress --ignore-unfixed $(ORG)/hardened-sriov-network-config-daemon:$(TAG)
+	trivy image --severity $(SEVERITIES) --no-progress --ignore-unfixed $(ORG)/hardened-sriov-network-config-daemon:$(TAG)
 
 .PHONY: image-build-sriov-network-webhook
 image-build-sriov-network-webhook:
@@ -84,4 +84,4 @@ image-push-sriov-network-webhook:
 
 .PHONY: image-scan-sriov-network-webhook
 image-scan-sriov-network-webhook:
-	trivy --severity $(SEVERITIES) --no-progress --ignore-unfixed $(ORG)/hardened-sriov-network-webhook:$(TAG)
+	trivy image --severity $(SEVERITIES) --no-progress --ignore-unfixed $(ORG)/hardened-sriov-network-webhook:$(TAG)