Bump alpine image (#22009)

bump alpine image
hashicorp · Dec 17, 2024 · 4adb3f2 · 4adb3f2
1 parent c181a53
commit 4adb3f2
Show file tree

Hide file tree

Showing 2 changed files with 2 additions and 9 deletions.
diff --git a/.release/security-scan.hcl b/.release/security-scan.hcl
@@ -37,13 +37,6 @@ container {
 	triage {
 		suppress {
 			vulnerabilities = [
-				"CVE-2024-8096", # [email protected],
-				"CVE-2024-9143", # [email protected],
-				"CVE-2024-3596", # [email protected],
-				"CVE-2024-2236", # [email protected],
-				"CVE-2024-26458", # [email protected],
-				"CVE-2024-2511", # [email protected],
-				#the above can be resolved when they're resolved in the alpine image
 			]
 			paths = [
 				"internal/tools/proto-gen-rpc-glue/e2e/consul/*",

diff --git a/Dockerfile b/Dockerfile
@@ -16,7 +16,7 @@
 # Official docker image that includes binaries from releases.hashicorp.com. This
 # downloads the release from releases.hashicorp.com and therefore requires that
 # the release is published before building the Docker image.
-FROM docker.mirror.hashicorp.services/alpine:3.20 as official
+FROM docker.mirror.hashicorp.services/alpine:3.21 as official
 
 # This is the release of Consul to pull in.
 ARG VERSION
@@ -112,7 +112,7 @@ CMD ["agent", "-dev", "-client", "0.0.0.0"]
 
 # Production docker image that uses CI built binaries.
 # Remember, this image cannot be built locally.
-FROM docker.mirror.hashicorp.services/alpine:3.20 as default
+FROM docker.mirror.hashicorp.services/alpine:3.21 as default
 
 ARG PRODUCT_VERSION
 ARG BIN_NAME