From ff80a0f46a21b0d774711379911de26f76c789a4 Mon Sep 17 00:00:00 2001
From: Anish Ramasekar <anish.ramasekar@gmail.com>
Date: Wed, 6 Apr 2022 23:09:26 +0530
Subject: [PATCH] chore: update to debian-base:bullseye-v1.2.0 for arc
 conformance (#849)

Signed-off-by: Anish Ramasekar <anish.ramasekar@gmail.com>
---
 .pipelines/templates/scan-images.yaml | 8 ++++----
 arc/conformance/plugin/Dockerfile     | 2 +-
 2 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/.pipelines/templates/scan-images.yaml b/.pipelines/templates/scan-images.yaml
index bdef249db..5fb712002 100644
--- a/.pipelines/templates/scan-images.yaml
+++ b/.pipelines/templates/scan-images.yaml
@@ -1,8 +1,8 @@
 steps:
   - script: |
       # install trivy
-      wget https://github.com/aquasecurity/trivy/releases/download/v$(TRIVY_VERSION)/trivy_$(TRIVY_VERSION)_Linux-64bit.tar.gz
-      tar zxvf trivy_$(TRIVY_VERSION)_Linux-64bit.tar.gz
+      wget https://github.com/aquasecurity/trivy/releases/download/v${TRIVY_VERSION:-0.24.4}/trivy_${TRIVY_VERSION:-0.24.4}_Linux-64bit.tar.gz
+      tar zxvf trivy_${TRIVY_VERSION:-0.24.4}_Linux-64bit.tar.gz
 
       # scan provider image
       export REGISTRY="e2e"
@@ -10,8 +10,8 @@ steps:
       OUTPUT_TYPE=docker make container arc-conformance-container
       # show all vulnerabilities in the logs
       ./trivy image "${REGISTRY}/provider-azure:${IMAGE_VERSION}"
-      ./trivy image --exit-code 1 --ignore-unfixed --severity MEDIUM,HIGH,CRITICAL "${REGISTRY}/provider-azure:${IMAGE_VERSION}" || exit 1
+      ./trivy image --vuln-type os --exit-code 1 --ignore-unfixed --severity MEDIUM,HIGH,CRITICAL "${REGISTRY}/provider-azure:${IMAGE_VERSION}" || exit 1
       
       ./trivy image "${REGISTRY}/provider-azure-arc-conformance:${IMAGE_VERSION}-linux-amd64"
-      ./trivy image --exit-code 1 --ignore-unfixed --severity MEDIUM,HIGH,CRITICAL "${REGISTRY}/provider-azure-arc-conformance:${IMAGE_VERSION}-linux-amd64" || exit 1
+      ./trivy image --vuln-type os --exit-code 1 --ignore-unfixed --severity MEDIUM,HIGH,CRITICAL "${REGISTRY}/provider-azure-arc-conformance:${IMAGE_VERSION}-linux-amd64" || exit 1
     displayName: "Scan images for vulnerability"
diff --git a/arc/conformance/plugin/Dockerfile b/arc/conformance/plugin/Dockerfile
index 5649db70e..d1696d3aa 100644
--- a/arc/conformance/plugin/Dockerfile
+++ b/arc/conformance/plugin/Dockerfile
@@ -2,7 +2,7 @@ ARG STEP_CLI_VERSION=0.18.0
 ARG STEP_CLI_IMAGE=smallstep/step-cli:${STEP_CLI_VERSION}
 FROM $STEP_CLI_IMAGE as step-cli
 
-FROM k8s.gcr.io/build-image/debian-base:bullseye-v1.1.0
+FROM k8s.gcr.io/build-image/debian-base:bullseye-v1.2.0
 ARG KUBE_VERSION=v1.21.2
 ARG TARGETARCH