From de30c7677f81e8dd7e41cdc8985b969776e3a46a Mon Sep 17 00:00:00 2001
From: Samuel Alfageme Sainz <samuel.alfageme@gmail.com>
Date: Thu, 9 Mar 2023 15:18:33 +0100
Subject: [PATCH] docker: bump alpine base image to v3.17 (#3703)

---
 changelog/unreleased/security-update-docker-base.md | 6 ++++++
 docker/Dockerfile.reva                              | 2 +-
 docker/Dockerfile.revad                             | 2 +-
 docker/Dockerfile.revad-eos                         | 2 +-
 4 files changed, 9 insertions(+), 3 deletions(-)
 create mode 100644 changelog/unreleased/security-update-docker-base.md

diff --git a/changelog/unreleased/security-update-docker-base.md b/changelog/unreleased/security-update-docker-base.md
new file mode 100644
index 00000000000..9d2a46695b8
--- /dev/null
+++ b/changelog/unreleased/security-update-docker-base.md
@@ -0,0 +1,6 @@
+Enhancement: Bump reva(d) base image to alpine 3.17
+
+Prevents several vulnerabilities from the base image itself:
+  https://artifacthub.io/packages/helm/cs3org/revad?modal=security-report
+
+https://github.com/cs3org/reva/pull/3703
diff --git a/docker/Dockerfile.reva b/docker/Dockerfile.reva
index 90c5174d16a..62f41e5c67f 100644
--- a/docker/Dockerfile.reva
+++ b/docker/Dockerfile.reva
@@ -16,7 +16,7 @@
 # granted to it by virtue of its status as an Intergovernmental Organization
 # or submit itself to any jurisdiction.
 
-FROM golang:alpine3.16 as builder
+FROM golang:alpine3.17 as builder
 
 RUN apk --no-cache add \
   ca-certificates \
diff --git a/docker/Dockerfile.revad b/docker/Dockerfile.revad
index 01c22e4abf5..9c29d931c09 100644
--- a/docker/Dockerfile.revad
+++ b/docker/Dockerfile.revad
@@ -16,7 +16,7 @@
 # granted to it by virtue of its status as an Intergovernmental Organization
 # or submit itself to any jurisdiction.
 
-FROM golang:alpine3.16 as builder
+FROM golang:alpine3.17 as builder
 
 WORKDIR /home/reva
 COPY . .
diff --git a/docker/Dockerfile.revad-eos b/docker/Dockerfile.revad-eos
index fe337afccff..a4919d05519 100644
--- a/docker/Dockerfile.revad-eos
+++ b/docker/Dockerfile.revad-eos
@@ -16,7 +16,7 @@
 # granted to it by virtue of its status as an Intergovernmental Organization
 # or submit itself to any jurisdiction.
 
-FROM golang:alpine3.16 as builder
+FROM golang:alpine3.17 as builder
 
 WORKDIR /home/reva
 COPY . .