From 0da5ddc0baf542bb1ab5f5c7157a1f5030ed9453 Mon Sep 17 00:00:00 2001
From: Mohamed Hamou
Date: Fri, 30 Aug 2024 09:08:53 +0200
Subject: [PATCH 1/2] Bump to arlas-server 26.0.0
---
docker/docker-files/docker-compose-arlas-server.yml | 2 +-
pom.xml | 2 +-
scripts/ci/tests-integration.sh | 2 +-
3 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/docker/docker-files/docker-compose-arlas-server.yml b/docker/docker-files/docker-compose-arlas-server.yml
index 0c7d9b0..fcdbfb6 100644
--- a/docker/docker-files/docker-compose-arlas-server.yml
+++ b/docker/docker-files/docker-compose-arlas-server.yml
@@ -2,7 +2,7 @@ version: '3'
 services:
 arlas-server:
- image: gisaia/arlas-server:${ARLAS_VERSION:-25.1.0}
+ image: gisaia/arlas-server:${ARLAS_VERSION:-26.0.0}
 container_name: arlas-server
 restart: always
 environment:
diff --git a/pom.xml b/pom.xml
index 3a26579..8c0a39e 100644
--- a/pom.xml
+++ b/pom.xml
@@ -23,7 +23,7 @@ 2.22.2 2.23.1 - 25.1.0 + 26.0.0 3.7.0
diff --git a/scripts/ci/tests-integration.sh b/scripts/ci/tests-integration.sh
index 9ce0e59..82f1080 100755
--- a/scripts/ci/tests-integration.sh
+++ b/scripts/ci/tests-integration.sh
@@ -2,7 +2,7 @@ set -o errexit -o pipefail
 export ELASTIC_VERSION="8.13.3"
-export ARLAS_VERSION="25.1.0"
+export ARLAS_VERSION="26.0.0"
 function clean_exit {
 ARG=$?
From d63eb7eb81ed4776d8900d42d996a6411c7b5e20 Mon Sep 17 00:00:00 2001
From: Mohamed Hamou
Date: Fri, 30 Aug 2024 09:16:29 +0200
Subject: [PATCH 2/2] update distroless & trivyignore
---
.github/workflows/.trivyignore | 5 ++++-
.github/workflows/trivy.yaml | 2 +-
docker/docker-files/Dockerfile | 2 +-
3 files changed, 6 insertions(+), 3 deletions(-)
diff --git a/.github/workflows/.trivyignore b/.github/workflows/.trivyignore
index 43d6b4f..a6bee9e 100644
--- a/.github/workflows/.trivyignore
+++ b/.github/workflows/.trivyignore
@@ -1,4 +1,7 @@
 # update org.yaml:snakeyaml to 2.0
 CVE-2022-1471
 CVE-2023-6378
-CVE-2023-6481
\ No newline at end of file
+CVE-2023-6481
+CVE-2023-52425
+CVE-2023-25193
+CVE-2023-45853
\ No newline at end of file
diff --git a/.github/workflows/trivy.yaml b/.github/workflows/trivy.yaml
index 612ab5c..dde3dbe 100644
--- a/.github/workflows/trivy.yaml
+++ b/.github/workflows/trivy.yaml
@@ -20,7 +20,7 @@ jobs:
 image-ref: 'docker.io/gisaia/arlas-tagger:${{ github.sha }}'
 format: 'table'
 exit-code: '1'
- ignore-unfixed: true
+ ignore-unfixed: false
 vuln-type: 'os,library'
 severity: 'CRITICAL,HIGH'
 trivyignores: .github/workflows/.trivyignore
diff --git a/docker/docker-files/Dockerfile b/docker/docker-files/Dockerfile
index 14fb4e4..558757f 100644
--- a/docker/docker-files/Dockerfile
+++ b/docker/docker-files/Dockerfile
@@ -17,7 +17,7 @@ RUN mvn install \
 ###################
 # PACKAGING STAGE #
 ###################
-FROM gisaia/arlas-openjdk-17-distroless:20240505183515
+FROM gisaia/arlas-openjdk-17-distroless:20240821142139
 # application placed into /opt/app
 WORKDIR /opt/app
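Review bot: The three IDs appended to .github/workflows/.trivyignore (CVE-2023-52425, CVE-2023-25193, CVE-2023-45853) carry no comment saying which package they were reported in or why they are accepted; the file's only comment, `# update org.yaml:snakeyaml to 2.0`, sits above the older entries. They presumably surfaced because the trivy.yaml hunk in this same commit sets `ignore-unfixed: false` while `exit-code: '1'` stays in place, so the scan now fails on findings that have no fix yet, but that link is not recorded in either file. An ID-only entry hides the CVE in every package Trivy scans, OS or library, and keeps hiding it after a fix ships. Once the affected packages are confirmed, I would add a line above the new entries such as `# no fix available in gisaia/arlas-openjdk-17-distroless:20240821142139; re-check at next base image bump`, and, if the Trivy version behind this workflow supports expiry dates, give each entry one, e.g. `CVE-2023-52425 exp:<YYYY-MM-DD placeholder>`.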