From 2abc36904adfd51500c9bae1c23912c97b180d09 Mon Sep 17 00:00:00 2001
From: Sergiy Markin <smarkin@mirantis.com>
Date: Thu, 22 Aug 2024 20:37:03 +0000
Subject: [PATCH] CVE fixes

This PS bumps up kubectl in airflow image and also
adds apt upgrade to shipyard image

Change-Id: I280dd6503b6c72df6ab01bef9d9fa2b7f4ef8de1
---
 images/airflow/Dockerfile.ubuntu_focal  | 2 +-
 images/shipyard/Dockerfile.ubuntu_focal | 1 +
 2 files changed, 2 insertions(+), 1 deletion(-)

diff --git a/images/airflow/Dockerfile.ubuntu_focal b/images/airflow/Dockerfile.ubuntu_focal
index fc747db8..3dbe9f08 100644
--- a/images/airflow/Dockerfile.ubuntu_focal
+++ b/images/airflow/Dockerfile.ubuntu_focal
@@ -49,7 +49,7 @@ ARG DEBIAN_FRONTEND=noninteractive
 ARG ctx_base=src/bin
 
 # Kubectl version
-ARG KUBECTL_VERSION=1.29.5
+ARG KUBECTL_VERSION=1.30.4
 
 # Needed from apache-airflow 1.10.2, since core.airflow_home config is deprecated
 ENV AIRFLOW_HOME=${AIRFLOW_HOME}
diff --git a/images/shipyard/Dockerfile.ubuntu_focal b/images/shipyard/Dockerfile.ubuntu_focal
index e0ca8c9f..7ec86ac5 100644
--- a/images/shipyard/Dockerfile.ubuntu_focal
+++ b/images/shipyard/Dockerfile.ubuntu_focal
@@ -111,6 +111,7 @@ COPY ${ctx_base}/shipyard_airflow /home/shipyard/shipyard/
       python3-pip \
     ' \
     && apt-get -qq update \
+    && apt-get upgrade -y \
     && apt-get -y install -y $buildDeps --no-install-recommends \
     && python3 -m pip install -U pip \
     && pip3 install -r /home/shipyard/client_requirements.txt --no-cache-dir \