From e6c9177f53d6060993a99b5caa20d1bcd665c99e Mon Sep 17 00:00:00 2001
From: jsfillman
Date: Mon, 30 Jan 2023 20:04:52 -0800
Subject: [PATCH 1/4] Testing new Trivy scans with known positive

---
 Dockerfile | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/Dockerfile b/Dockerfile
index de9cf78..d841f6b 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,6 +1,7 @@
-FROM python:3.9.13-alpine3.16
+FROM ghcr.io/kbase/execution_engine2-develop:pr-443
+# FROM python:3.9.13-alpine3.16
 # Install Base Packages
-RUN apk --no-cache add bash curl
+# RUN apk --no-cache add bash curl
 ENTRYPOINT ["sleep 1d"]

From 23ad39b0aa9daf5a57612ca0ea05e18f8b8e1e2c Mon Sep 17 00:00:00 2001
From: jsfillman
Date: Mon, 30 Jan 2023 20:22:16 -0800
Subject: [PATCH 2/4] Testing with older trivy version to verify functionality

---
 .github/workflows/pr_build.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/pr_build.yml b/.github/workflows/pr_build.yml
index 5e9b52e..d882f86 100644
--- a/.github/workflows/pr_build.yml
+++ b/.github/workflows/pr_build.yml
@@ -39,5 +39,5 @@ jobs:
     secrets: inherit
   trivy-scans:
     if: (github.base_ref == 'develop' || github.base_ref == 'main' || github.base_ref == 'master' ) && github.event.pull_request.merged == false
-    uses: kbase/.github/.github/workflows/reusable_trivy-scans.yml@develop
+    uses: kbase/.github/.github/workflows/reusable_trivy-scans.yml@main
     secrets: inherit

From 2148ec1d2f6ba26a2f5dd15d7bdf11da3c97eed7 Mon Sep 17 00:00:00 2001
From: jsfillman
Date: Mon, 30 Jan 2023 22:52:12 -0800
Subject: [PATCH 3/4] Testing with known vulnerable image

---
 Dockerfile | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/Dockerfile b/Dockerfile
index d841f6b..b68f6a0 100644
--- a/Dockerfile
+++ b/Dockerfile
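Review bot: The new base image `FROM ghcr.io/kbase/execution_engine2-develop:pr-443` is referenced by a mutable PR tag, so the "known positive" the scan is meant to catch can change or disappear whenever that tag is rebuilt; for a scanner fixture pin it by digest, `FROM ghcr.io/kbase/execution_engine2-develop:pr-443@sha256:<digest-from-registry>`, so the expected findings are reproducible. The commented-out lines `# FROM python:3.9.13-alpine3.16` and `# RUN apk --no-cache add bash curl` should say why they are parked, e.g. `# TEMP: Trivy scanner validation only — restore the python base before merge`, otherwise the file reads as a permanent base-image change. Unrelated to this commit but left in place by it, the retained context line `ENTRYPOINT ["sleep 1d"]` is exec form with a single element and therefore tries to execute a program literally named `sleep 1d`; it should be `ENTRYPOINT ["sleep", "1d"]`.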
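Review bot: The changed `uses:` line points the reusable scan workflow at the mutable branch ref `@main` (the PATCH 4/4 hunk flips it back to `@develop`), while the context line `secrets: inherit` hands that workflow every secret of the calling repository; whoever can push to that branch of kbase/.github can change what runs with those secrets. Pin the reusable workflow to a full commit SHA or a release tag, `uses: kbase/.github/.github/workflows/reusable_trivy-scans.yml@<commit-sha>`, and pass only the secrets the scan actually needs instead of `inherit`. The remainder of the `trivy-scans` job and the enclosing `jobs:` map lie outside the hunk.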
@@ -1,5 +1,6 @@
-FROM ghcr.io/kbase/execution_engine2-develop:pr-443
+# FROM ghcr.io/kbase/execution_engine2-develop:pr-443
 # FROM python:3.9.13-alpine3.16
+FROM elastic/logstash:7.13.3
 # Install Base Packages
 # RUN apk --no-cache add bash curl

From 8f9d15ba98493e08862a83377c8cf4168f1c71b2 Mon Sep 17 00:00:00 2001
From: jsfillman
Date: Mon, 30 Jan 2023 22:55:17 -0800
Subject: [PATCH 4/4] Retrying with latest Trivy scan on known positive

---
 .github/workflows/pr_build.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/pr_build.yml b/.github/workflows/pr_build.yml
index d882f86..5e9b52e 100644
--- a/.github/workflows/pr_build.yml
+++ b/.github/workflows/pr_build.yml
@@ -39,5 +39,5 @@ jobs:
     secrets: inherit
   trivy-scans:
     if: (github.base_ref == 'develop' || github.base_ref == 'main' || github.base_ref == 'master' ) && github.event.pull_request.merged == false
-    uses: kbase/.github/.github/workflows/reusable_trivy-scans.yml@main
+    uses: kbase/.github/.github/workflows/reusable_trivy-scans.yml@develop
     secrets: inherit
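Review bot: The new `FROM elastic/logstash:7.13.3` line is a deliberately vulnerable base chosen as a Trivy positive control, but nothing in the file says so; if the PR build also pushes what it builds, a knowingly vulnerable image is published under this repository's name. Add a comment directly above it, `# TEMP: known-vulnerable image used only to confirm the Trivy scan fails the build — do not merge`, and consider pinning the fixture by digest (`elastic/logstash:7.13.3@sha256:<digest-from-registry>`) so the expected findings do not drift if the tag is ever rebuilt. After this hunk the file carries two commented-out `FROM` lines above the live one; delete them rather than stacking alternatives, since the commit history already records the earlier bases. The `ENTRYPOINT` that closes the Dockerfile is outside this hunk.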