From 76d0fb3cacc6e1a5810b488d265d7fda9c54d8e0 Mon Sep 17 00:00:00 2001
From: Julio Jimenez <julio@clickhouse.com>
Date: Mon, 27 Feb 2023 14:43:16 -0500
Subject: [PATCH] =?UTF-8?q?=F0=9F=90=B3=20Update=20Ubuntu=20Image=20(#4678?=
 =?UTF-8?q?4)?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

* :whale: Update Ubuntu Image

Signed-off-by: Julio Jimenez <julio@clickhouse.com>

* Ready for testing

Signed-off-by: Julio Jimenez <julio@clickhouse.com>

* add back wget

Signed-off-by: Julio Jimenez <julio@clickhouse.com>

* add back wget

Signed-off-by: Julio Jimenez <julio@clickhouse.com>

* add back wget

Signed-off-by: Julio Jimenez <julio@clickhouse.com>

---------

Signed-off-by: Julio Jimenez <julio@clickhouse.com>
---
 docker/server/Dockerfile.ubuntu | 18 ++++++------------
 1 file changed, 6 insertions(+), 12 deletions(-)

diff --git a/docker/server/Dockerfile.ubuntu b/docker/server/Dockerfile.ubuntu
index 961c528f19c..5dbb244c298 100644
--- a/docker/server/Dockerfile.ubuntu
+++ b/docker/server/Dockerfile.ubuntu
@@ -1,4 +1,4 @@
-FROM ubuntu:20.04
+FROM ubuntu:22.04
 
 # see https://github.com/moby/moby/issues/4032#issuecomment-192327844
 ARG DEBIAN_FRONTEND=noninteractive
@@ -9,13 +9,14 @@ RUN sed -i "s|http://archive.ubuntu.com|${apt_archive}|g" /etc/apt/sources.list
     && groupadd -r clickhouse --gid=101 \
     && useradd -r -g clickhouse --uid=101 --home-dir=/var/lib/clickhouse --shell=/bin/bash clickhouse \
     && apt-get update \
+    && apt-get upgrade -yq \
     && apt-get install --yes --no-install-recommends \
         apt-transport-https \
         ca-certificates \
         dirmngr \
-        gnupg \
-        locales \
+        gnupg2 \
         wget \
+        locales \
         tzdata \
     && apt-get clean
 
@@ -80,15 +81,8 @@ RUN arch=${TARGETARCH:-amd64} \
     && mkdir -p /var/lib/clickhouse /var/log/clickhouse-server /etc/clickhouse-server /etc/clickhouse-client \
     && chmod ugo+Xrw -R /var/lib/clickhouse /var/log/clickhouse-server /etc/clickhouse-server /etc/clickhouse-client
 
-# Remove as much of Ubuntu as possible.
-# ClickHouse does not need Ubuntu. It can run on top of Linux kernel without any OS distribution.
-# ClickHouse does not need Docker at all. ClickHouse is above all that.
-# It does not care about Ubuntu, Docker, or other cruft and you should neither.
-# The fact that this Docker image is based on Ubuntu is just a misconception.
-# Some vulnerability scanners are arguing about Ubuntu, which is not relevant to ClickHouse at all.
-# ClickHouse does not care when you report false vulnerabilities by running some Docker scanners.
-
-RUN apt-get remove --purge -y libksba8 && apt-get autoremove -y
+RUN apt-get autoremove --purge -yq libksba8 && \
+    apt-get autoremove -yq
 
 # we need to allow "others" access to clickhouse folder, because docker container
 # can be started with arbitrary uid (openshift usecase)