Upgrade docker images to ubuntu mantic

[ptodev]

PR Description

Upgrading our docker files to ubuntu mantic.

Also, this PR removes the apt-get upgrade -y because it makes our docker builds more non-deterministic.

Notes to the Reviewer

apt-get upgrade -y was introduced recently as a temporary measure to make sure we are not using a particular library which had a known vulnerability.

PR Checklist

• CHANGELOG.md updated
• Documentation added
• Tests updated
• Config converters updated

[tpaschalis]

LGTM. Does the new image update all tools to the correct versions we wanted? Then let's get this merged.

[captncraig]

Does trivy have definitions for mantic yet? I'm building and testing locally to verify.

[captncraig]

I am not getting valid scans on ubuntu:mantic locally currently:

trivy i ubuntu:mantic
2023-10-19T10:56:16.723-0400    INFO    Need to update DB
2023-10-19T10:56:16.723-0400    INFO    DB Repository: ghcr.io/aquasecurity/trivy-db
2023-10-19T10:56:16.723-0400    INFO    Downloading DB...
40.57 MiB / 40.57 MiB [-------------------------------------------------------------------------------------------------------------------------------------] 100.00% 12.51 MiB p/s 3.4s
2023-10-19T10:56:20.614-0400    INFO    Vulnerability scanning is enabled
2023-10-19T10:56:20.615-0400    INFO    Secret scanning is enabled
2023-10-19T10:56:20.615-0400    INFO    If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2023-10-19T10:56:20.615-0400    INFO    Please see also https://aquasecurity.github.io/trivy/v0.43/docs/scanner/secret/#recommendation for faster secret detection
2023-10-19T10:56:23.438-0400    INFO    Detected OS: ubuntu
2023-10-19T10:56:23.438-0400    WARN    This OS version is not on the EOL list: ubuntu 23.10
2023-10-19T10:56:23.438-0400    INFO    Detecting Ubuntu vulnerabilities...
2023-10-19T10:56:23.439-0400    INFO    Number of language-specific files: 0
2023-10-19T10:56:23.439-0400    WARN    This OS version is no longer supported by the distribution: ubuntu 23.10
2023-10-19T10:56:23.439-0400    WARN    The vulnerability detection may be insufficient because security updates are not provided

ubuntu:mantic (ubuntu 23.10)

Total: 0 (UNKNOWN: 0, LOW: 0, MEDIUM: 0, HIGH: 0, CRITICAL: 0)

I'm not sure we can update till that tool gives valid results.

[ptodev]

I am also unable to scan Ubuntu 23.10 with Trivy:

└─▪ trivy --scanners vuln image ubuntu:mantic
2023-10-19T16:21:46.700+0100	INFO	Vulnerability scanning is enabled
2023-10-19T16:21:47.569+0100	INFO	Detected OS: ubuntu
2023-10-19T16:21:47.569+0100	WARN	This OS version is not on the EOL list: ubuntu 23.10
2023-10-19T16:21:47.569+0100	INFO	Detecting Ubuntu vulnerabilities...
2023-10-19T16:21:47.569+0100	INFO	Number of language-specific files: 0
2023-10-19T16:21:47.569+0100	WARN	This OS version is no longer supported by the distribution: ubuntu 23.10
2023-10-19T16:21:47.569+0100	WARN	The vulnerability detection may be insufficient because security updates are not provided

ubuntu:mantic (ubuntu 23.10)

Total: 0 (UNKNOWN: 0, LOW: 0, MEDIUM: 0, HIGH: 0, CRITICAL: 0)

I raised a PR for Trivy to support it. We can retry after it is merged. But tbh I'm not sure why we don't just use the latest Ubuntu LTS - 22.04.

[captncraig]

@ptodev this should be good to go since that has merged. If you can fix the conflicts, we can merge this.

[tpaschalis]

Looks like it's had some eyes on this, I'm going to merge this.

[tpaschalis]

cc @ptodev @captncraig I'm going ahead to merge this since the Trivy PR was merged. Let's keep an eye out on main builds just in case.