From 5a5156b9cac1db87a280081b61bb83befaafea2a Mon Sep 17 00:00:00 2001
From: pysarenko-bohdan <bohdan.pisarenko@codefresh.io>
Date: Mon, 23 Oct 2023 19:04:10 +0300
Subject: [PATCH] fix vulns (#69)

* fix vulns, revert git-lfs, set strict git-lfs version
---
 Dockerfile   | 22 +++++++---------------
 service.yaml |  2 +-
 2 files changed, 8 insertions(+), 16 deletions(-)

diff --git a/Dockerfile b/Dockerfile
index 6ad6424..ecc6883 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,23 +1,15 @@
-#moving to ubuntu instead of debian to solve high vulnerabilities 
-FROM ubuntu:jammy-20230816
+#moving to ubuntu instead of debian to solve high vulnerabilities
+FROM ubuntu:jammy-20231004
 
 RUN apt-get update && \
   apt-get install -y curl bash openssl git && \
   apt-get clean
 
-ARG GIT_LFS_VERSION=3.4.0
-ARG TARGETPLATFORM
-
-# installing git-lfs
-RUN case ${TARGETPLATFORM} in \
-   "linux/amd64")  OS_ARCH=amd64  ;; \
-   "linux/arm64")  OS_ARCH=arm64  ;; \
-    esac \
-    && curl -sL https://github.com/git-lfs/git-lfs/releases/download/v${GIT_LFS_VERSION}/git-lfs-linux-${OS_ARCH}-v${GIT_LFS_VERSION}.tar.gz -o "git-lfs.tar.gz" && \
-    tar -xvzf "git-lfs.tar.gz" && \
-    chmod +x git-lfs-${GIT_LFS_VERSION}/install.sh && \
-    rm git-lfs.tar.gz && \
-    git-lfs-${GIT_LFS_VERSION}/install.sh
+# git-lfs v3.4.0 - last available at the 23.10.2023 and it contains bug. Don't update to the version 3.4.0 !!!
+# https://codefresh-io.atlassian.net/browse/CR-20633
+# Next preferred version must be >=3.4.1 and should be tested
+RUN apt-get install git-lfs=3.0.2-1 && \
+ git lfs install
 
 #installing busybox
 ARG BUSYBOX_VERSION=1.31.0
diff --git a/service.yaml b/service.yaml
index a7f9270..dc7f9e6 100644
--- a/service.yaml
+++ b/service.yaml
@@ -1 +1 @@
-version: 10.1.23
+version: 10.1.24