bump various tool versions in Dockerfile

[valentin-kaiser]

No description provided.

[github-actions]

Super-linter summary

Language	Validation result
BIOME_FORMAT	Fail ❌
BIOME_LINT	Pass ✅
CHECKOV	Pass ✅
DOCKERFILE_HADOLINT	Pass ✅
GITLEAKS	Pass ✅
GIT_MERGE_CONFLICT_MARKERS	Pass ✅
JSCPD	Pass ✅
PRE_COMMIT	Pass ✅
SPELL_CODESPELL	Pass ✅
TRIVY	Fail ❌

Super-linter detected linting errors

For more information, see the GitHub Actions workflow run

Powered by Super-linter

BIOME_FORMAT

Checked 1 file in 4ms. No fixes applied.
Found 1 error.renovate.json format ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━

  × Formatter would have printed the following content:

     1  1 │   {
     2    │ - ··"$schema":·"https://docs.renovatebot.com/renovate-schema.json",
     3    │ - ··"extends":·[
     4    │ - ····"config:recommended"
     5    │ - ··],
     6    │ - ··"customManagers":·[
     7    │ - ····{
     8    │ - ······"customType":·"regex",
     9    │ - ······"description":·"Update·_VERSION·variables·in·Dockerfiles",
    10    │ - ······"fileMatch":·[
    11    │ - ········"(^|/|\\.)Dockerfile$",
    12    │ - ········"(^|/)Dockerfile\\.[^/]*$",
    13    │ - ········"(^|/)versions.env$"
    14    │ - ······],
    15    │ - ······"matchStrings":·[
    16    │ - ········"#·renovate:·datasource=(?<datasource>[a-z-]+?)(?:·depName=(?<depName>.+?))?·packageName=(?<packageName>.+?)(?:·versioning=(?<versioning>[a-z-]+?))?\\s(?:ENV|ARG)·.+?_VERSION=(?<currentValue>.+?)\\s"
    17    │ - ······]
    18    │ - ····},
    19    │ - ····{
    20    │ - ······"customType":·"regex",
    21    │ - ······"fileMatch":·["^Dockerfile$"],
    22    │ - ······"matchStrings":·[
    23    │ - ········"#\\s*renovate:\\s*?(release=(?<release>.*?))?\\s*depName=(?<depName>.*?)?\\s(?:ENV|ARG)·.*?_VERSION=(?<currentValue>.*)"
    24    │ - ······],
    25    │ - ······"registryUrlTemplate":·"https://deb.debian.org/debian?suite=stable&components=main,contrib,non-free&binaryArch=amd64",
    26    │ - ······"datasourceTemplate":·"deb"
    27    │ - ····}
    28    │ - ··],
    29    │ - ··"enabledManagers":·[
    30    │ - ····"dockerfile",
    31    │ - ····"custom.regex"
    32    │ - ··],
    33    │ - ··"groupName":·"all·dependencies",
    34    │ - ··"groupSlug":·"all"
        2 │ + → "$schema":·"https://docs.renovatebot.com/renovate-schema.json",
        3 │ + → "extends":·["config:recommended"],
        4 │ + → "customManagers":·[
        5 │ + → → {
        6 │ + → → → "customType":·"regex",
        7 │ + → → → "description":·"Update·_VERSION·variables·in·Dockerfiles",
        8 │ + → → → "fileMatch":·[
        9 │ + → → → → "(^|/|\\.)Dockerfile$",
       10 │ + → → → → "(^|/)Dockerfile\\.[^/]*$",
       11 │ + → → → → "(^|/)versions.env$"
       12 │ + → → → ],
       13 │ + → → → "matchStrings":·[
       14 │ + → → → → "#·renovate:·datasource=(?<datasource>[a-z-]+?)(?:·depName=(?<depName>.+?))?·packageName=(?<packageName>.+?)(?:·versioning=(?<versioning>[a-z-]+?))?\\s(?:ENV|ARG)·.+?_VERSION=(?<currentValue>.+?)\\s"
       15 │ + → → → ]
       16 │ + → → },
       17 │ + → → {
       18 │ + → → → "customType":·"regex",
       19 │ + → → → "fileMatch":·["^Dockerfile$"],
       20 │ + → → → "matchStrings":·[
       21 │ + → → → → "#\\s*renovate:\\s*?(release=(?<release>.*?))?\\s*depName=(?<depName>.*?)?\\s(?:ENV|ARG)·.*?_VERSION=(?<currentValue>.*)"
       22 │ + → → → ],
       23 │ + → → → "registryUrlTemplate":·"https://deb.debian.org/debian?suite=stable&components=main,contrib,non-free&binaryArch=amd64",
       24 │ + → → → "datasourceTemplate":·"deb"
       25 │ + → → }
       26 │ + → ],
       27 │ + → "enabledManagers":·["dockerfile",·"custom.regex"],
       28 │ + → "groupName":·"all·dependencies",
       29 │ + → "groupSlug":·"all"
    35 30 │   }
    36 31 │


format ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━

  × Some errors were emitted while running checks.

TRIVY

Report Summary

┌────────────┬────────────┬─────────────────┬───────────────────┬─────────┐
│   Target   │    Type    │ Vulnerabilities │ Misconfigurations │ Secrets │
├────────────┼────────────┼─────────────────┼───────────────────┼─────────┤
│ Dockerfile │ dockerfile │        -        │         1         │    -    │
└────────────┴────────────┴─────────────────┴───────────────────┴─────────┘
Legend:
- '-': Not scanned
- '0': Clean (no security findings detected)


Dockerfile (dockerfile)
=======================
Tests: 27 (SUCCESSES: 26, FAILURES: 1)
Failures: 1 (UNKNOWN: 0, LOW: 0, MEDIUM: 0, HIGH: 1, CRITICAL: 0)

DS-0002 (HIGH): Specify at least 1 USER command in Dockerfile with non-root user as argument
════════════════════════════════════════
Running containers with 'root' user can lead to a container escape situation. It is a best practice to run containers as non-root users, which can be done by adding a 'USER' statement to the Dockerfile.

See https://avd.aquasec.com/misconfig/ds-0002
────────────────────────────────────────