From 2f912a1897c40a39edc5eec412af86266cbcf012 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?V=C3=ADctor=20Rold=C3=A1n=20Betancort?=
 <vroldanbet@authzed.com>
Date: Thu, 26 Oct 2023 09:46:03 +0100
Subject: [PATCH] fix grpc-health-probe flagged by trivy

Due to CVE https://github.com/advisories/GHSA-m425-mq94-257g
There hasn't been any grpc-health-probe release
with the fix, so this builds at the specific commit
that includes a version bump for the affected dependency

https://github.com/grpc-ecosystem/grpc-health-probe/commit/25cbb494d84276f72724b5331e6466a7800a8a41
---
 Dockerfile         | 2 +-
 Dockerfile.release | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/Dockerfile b/Dockerfile
index c34adf71de..382d3ae251 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -9,7 +9,7 @@ WORKDIR /go/src/app
 RUN apk update && apk add --no-cache git
 RUN git clone https://github.com/grpc-ecosystem/grpc-health-probe.git
 WORKDIR /go/src/app/grpc-health-probe
-RUN git checkout v0.4.21
+RUN git checkout 25cbb49
 RUN CGO_ENABLED=0 go install -a -tags netgo -ldflags=-w
 
 FROM cgr.dev/chainguard/static:latest
diff --git a/Dockerfile.release b/Dockerfile.release
index 187d379f90..31c1ac72d5 100644
--- a/Dockerfile.release
+++ b/Dockerfile.release
@@ -6,7 +6,7 @@ WORKDIR /go/src/app
 RUN apk update && apk add --no-cache git
 RUN git clone https://github.com/grpc-ecosystem/grpc-health-probe.git
 WORKDIR /go/src/app/grpc-health-probe
-RUN git checkout v0.4.21
+RUN git checkout 25cbb49
 RUN CGO_ENABLED=0 go install -a -tags netgo -ldflags=-w
 
 FROM $BASE