From f1dae0d2c5258b6d606e0c5ec9584cf1de2ad8e7 Mon Sep 17 00:00:00 2001
From: Johnatas <johnatasr@hotmail.com>
Date: Thu, 24 Aug 2023 22:11:48 -0300
Subject: [PATCH 1/2] update build image to v1.20.7b3

Signed-off-by: Johnatas <johnatasr@hotmail.com>
---
 .drone.yml | 16 ++++++++--------
 Dockerfile |  2 +-
 2 files changed, 9 insertions(+), 9 deletions(-)

diff --git a/.drone.yml b/.drone.yml
index 163a89e..7bff843 100644
--- a/.drone.yml
+++ b/.drone.yml
@@ -10,7 +10,7 @@ platform:
 steps:
 - name: build
   pull: always
-  image: rancher/hardened-build-base:v1.20.4b11
+  image: rancher/hardened-build-base:v1.20.7b3
   commands:
   - make DRONE_TAG=${DRONE_TAG}
   volumes:
@@ -24,7 +24,7 @@ steps:
       - refs/pull/**
 
 - name: publish
-  image: rancher/hardened-build-base:v1.20.4b11
+  image: rancher/hardened-build-base:v1.20.7b3
   commands:
   - docker login -u $DOCKER_USERNAME -p $DOCKER_PASSWORD
   - make DRONE_TAG=${DRONE_TAG} image-push
@@ -41,7 +41,7 @@ steps:
     - tag
 
 - name: scan
-  image: rancher/hardened-build-base:v1.20.4b11
+  image: rancher/hardened-build-base:v1.20.7b3
   commands:
   - make DRONE_TAG=${DRONE_TAG} image-scan
   volumes:
@@ -64,7 +64,7 @@ platform:
 steps:
 - name: build
   pull: always
-  image: rancher/hardened-build-base:v1.20.4b11
+  image: rancher/hardened-build-base:v1.20.7b3
   commands:
   - make DRONE_TAG=${DRONE_TAG}
   volumes:
@@ -72,7 +72,7 @@ steps:
     path: /var/run/docker.sock
 
 - name: publish
-  image: rancher/hardened-build-base:v1.20.4b11
+  image: rancher/hardened-build-base:v1.20.7b3
   commands:
   - docker login -u $DOCKER_USERNAME -p $DOCKER_PASSWORD
   - make DRONE_TAG=${DRONE_TAG} image-push
@@ -89,7 +89,7 @@ steps:
     - tag
 
 - name: scan
-  image: rancher/hardened-build-base:v1.20.4b11
+  image: rancher/hardened-build-base:v1.20.7b3
   commands:
   - make DRONE_TAG=${DRONE_TAG} image-scan
   volumes:
@@ -121,7 +121,7 @@ node:
 steps:
 - name: build
   pull: always
-  image: rancher/hardened-build-base:v1.20.4b11
+  image: rancher/hardened-build-base:v1.20.7b3
   commands:
   - make DRONE_TAG=${DRONE_TAG}
   volumes:
@@ -135,7 +135,7 @@ steps:
       - refs/pull/**
 
 - name: publish
-  image: rancher/hardened-build-base:v1.20.4b11
+  image: rancher/hardened-build-base:v1.20.7b3
   commands:
   - docker login -u $DOCKER_USERNAME -p $DOCKER_PASSWORD
   - make DRONE_TAG=${DRONE_TAG} image-push
diff --git a/Dockerfile b/Dockerfile
index 93ebd3e..3bf2383 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,7 +1,7 @@
 ARG ARCH="amd64"
 ARG TAG="v3.26.1"
 ARG BCI_IMAGE=registry.suse.com/bci/bci-base
-ARG GO_IMAGE=rancher/hardened-build-base:v1.20.7b2
+ARG GO_IMAGE=rancher/hardened-build-base:v1.20.7b3
 ARG CNI_IMAGE=rancher/hardened-cni-plugins:v1.2.0-build20230523
 ARG GOEXPERIMENT=boringcrypto
 

From 5edd0595d2e8853f7c4f1337d03974eda811a2dd Mon Sep 17 00:00:00 2001
From: Johnatas <johnatasr@hotmail.com>
Date: Mon, 28 Aug 2023 19:40:47 -0300
Subject: [PATCH 2/2] update trivy image scan command

Signed-off-by: Johnatas <johnatasr@hotmail.com>
---
 Makefile | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/Makefile b/Makefile
index d56bdcc..db97194 100644
--- a/Makefile
+++ b/Makefile
@@ -52,4 +52,4 @@ image-manifest:
 
 .PHONY: image-scan
 image-scan:
-	trivy --severity $(SEVERITIES) --no-progress --ignore-unfixed $(ORG)/hardened-calico:$(TAG)
+	trivy image --severity $(SEVERITIES) --no-progress --ignore-unfixed $(ORG)/hardened-calico:$(TAG)