From d89ae34f9539de1439c28a407d2f9bd6e63d807a Mon Sep 17 00:00:00 2001
From: peng9808
Date: Fri, 13 Sep 2024 14:08:11 +0800
Subject: [PATCH 1/3] use rockylinux to baseImage

Signed-off-by: peng9808
---
 Dockerfile | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/Dockerfile b/Dockerfile
index 0824734..039e68b 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,4 +1,6 @@
-FROM ghcr.io/hwameistor/hwameistor-base-image:latest
+FROM rockylinux:8
+
+RUN yum install -y nss
 COPY ./vendor/github.com/hwameistor/hwameistor/deploy/crds /hwameistorcrds
 COPY ./vendor/github.com/hwameistor/datastore/deploy/crds /hwameistorcrds
From d6c7a1d68c72e7e36adb0f7d397830fe56c61d50 Mon Sep 17 00:00:00 2001
From: peng9808
Date: Fri, 13 Sep 2024 15:35:07 +0800
Subject: [PATCH 2/3] Fixed minor version not being recognized correctly

Signed-off-by: peng9808
---
 pkg/install/drbd/drbd_adapter.go | 14 +++++++-------
 1 file changed, 7 insertions(+), 7 deletions(-)

diff --git a/pkg/install/drbd/drbd_adapter.go b/pkg/install/drbd/drbd_adapter.go
index b5b0c0f..40641cd 100644
--- a/pkg/install/drbd/drbd_adapter.go
+++ b/pkg/install/drbd/drbd_adapter.go
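Review bot: In the Dockerfile hunk of patch 1/3, `FROM rockylinux:8` is still a floating tag, so a rebuild can silently pick up different base contents; pinning the digest as `FROM rockylinux:8@sha256:<DIGEST>` (placeholder, take the value from the registry) makes the image reproducible and auditable. The added `RUN yum install -y nss` also leaves the yum metadata cache in the layer; `RUN yum install -y nss && yum clean all` keeps it out. The Dockerfile continues past the hunk, so whether a non-root `USER` is set later cannot be seen here.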
@@ -43,13 +43,13 @@ var defaultNodeSelectTerms = []corev1.NodeSelectorTerm{
 var defaultChartVersion = "v0.4.2"
 var distroRegexMap = map[string]string{
- "(red hat enterprise|centos|almalinux|rocky linux) .*7": "rhel7",
- "(red hat enterprise|centos|almalinux|rocky linux) .*8": "rhel8",
- "(red hat enterprise|centos|almalinux|rocky linux) .*9": "rhel9",
- "ubuntu .*18": "bionic",
- "ubuntu .*20": "focal",
- "ubuntu .*22": "jammy",
- "kylin .*v10": "kylin10",
+ "(red hat enterprise|centos|almalinux|rocky linux) .*7([\\s\\-\\.]|$)": "rhel7",
+ "(red hat enterprise|centos|almalinux|rocky linux) .*8([\\s\\-\\.]|$)": "rhel8",
+ "(red hat enterprise|centos|almalinux|rocky linux) .*9([\\s\\-\\.]|$)": "rhel9",
+ "ubuntu .*18([\\s\\-\\.]|$)": "bionic",
+ "ubuntu .*20([\\s\\-\\.]|$)": "focal",
+ "ubuntu .*22([\\s\\-\\.]|$)": "jammy",
+ "kylin .*v10([\\s\\-\\.]|$)": "kylin10",
 }
 var backoffLimit0 = int32(0)
From 5ed2737484894c5b46282787e2956c770d1a6895 Mon Sep 17 00:00:00 2001
From: peng9808
Date: Fri, 13 Sep 2024 15:39:50 +0800
Subject: [PATCH 3/3] fix gosec some bug

Signed-off-by: peng9808
---
 .github/workflows/period-check.yml | 16 +++++++++++++---
 .github/workflows/pr.yml | 14 ++++++++++++--
 2 files changed, 25 insertions(+), 5 deletions(-)

diff --git a/.github/workflows/period-check.yml b/.github/workflows/period-check.yml
index bd5242d..2a8578a 100644
--- a/.github/workflows/period-check.yml
+++ b/.github/workflows/period-check.yml
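Review bot: In `distroRegexMap`, the new trailing delimiter does not stop a minor version from matching, because the leading `.*` can still skip over the major number: an image string such as `rocky linux 8.7 (green obsidian)` (constructed sample) satisfies both the `rhel7` and the `rhel8` pattern. If the lookup code, which is outside this hunk, ranges over the map, the winner would depend on Go's random map iteration order and the wrong DRBD build could be selected. Anchoring on the first digit after the distro name avoids this, e.g. `"(red hat enterprise|centos|almalinux|rocky linux) [^0-9]*8([\\s\\-\\.]|$)": "rhel8",`, with the same `[^0-9]*` replacement in the other six entries.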
@@ -16,11 +16,21 @@ jobs:
 uses: actions/checkout@v2
 with:
 fetch-depth: 0
- - name: Run gosec security scan
+ - name: Install Go, gosec, and Run Security Scan
 run: |
- curl -sfL https://raw.githubusercontent.com/securego/gosec/master/install.sh | sh -s latest
+ sudo rm -rf /usr/local/go
+
+ wget https://golang.org/dl/go1.22.7.linux-amd64.tar.gz
+ sudo tar -C /usr/local -xzf go1.22.7.linux-amd64.tar.gz
+ export PATH=/usr/local/go/bin:$PATH
+ go version
+
+ go install github.com/securego/gosec/v2/cmd/gosec@latest
+ export PATH=$(go env GOPATH)/bin:$PATH
+ gosec --version
+
 gosec -severity high -confidence high ./... || exit 1
 - name: e2e test
 env:
 E2E_TESTING_LEVEL: "periodCheck"
- run: make e2e-test
+ run: make e2e-test
\ No newline at end of file
diff --git a/.github/workflows/pr.yml b/.github/workflows/pr.yml
index 03feae7..dce72a4 100644
--- a/.github/workflows/pr.yml
+++ b/.github/workflows/pr.yml
@@ -20,9 +20,19 @@ jobs:
 uses: actions/checkout@v2
 with:
 fetch-depth: 0
- - name: Run gosec security scan
+ - name: Install Go, gosec, and Run Security Scan
 run: |
- curl -sfL https://raw.githubusercontent.com/securego/gosec/master/install.sh | sh -s latest
+ sudo rm -rf /usr/local/go
+
+ wget https://golang.org/dl/go1.22.7.linux-amd64.tar.gz
+ sudo tar -C /usr/local -xzf go1.22.7.linux-amd64.tar.gz
+ export PATH=/usr/local/go/bin:$PATH
+ go version
+
+ go install github.com/securego/gosec/v2/cmd/gosec@latest
+ export PATH=$(go env GOPATH)/bin:$PATH
+ gosec --version
+
 gosec -severity high -confidence high ./... || exit 1
 - name: pr test
 env:
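Review bot: The new scan step in period-check.yml, and the identical hunk in pr.yml, extracts a downloaded Go tarball into /usr/local with sudo without verifying it, and installs `gosec@latest`, so the scanner that gates the build is itself unpinned. Adding `echo "<GO_TARBALL_SHA256>  go1.22.7.linux-amd64.tar.gz" | sha256sum -c -` before the `tar` line (placeholder for the checksum published for that release) and pinning `gosec@<PINNED_VERSION>` would close both gaps; the `actions/setup-go` action is an alternative to the manual download. The period-check.yml hunk also drops the file's final newline, and `|| exit 1` looks redundant if the runner's default shell already aborts on a failing command.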