fix: Dockerfile to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-UBUNTU2004-BASH-581100
- https://snyk.io/vuln/SNYK-UBUNTU2004-NETTLE-1303240
- https://snyk.io/vuln/SNYK-UBUNTU2004-NETTLE-1303240
- https://snyk.io/vuln/SNYK-UBUNTU2004-SYSTEMD-1290722
- https://snyk.io/vuln/SNYK-UBUNTU2004-SYSTEMD-1290722

CMakeLists.txt

@@ -1,6 +1,6 @@
 cmake_minimum_required (VERSION 3.1)
 
-project (rpc VERSION 1.2.0)
+project (rpc VERSION 1.2.1)
 
 set (CMAKE_CXX_STANDARD 11)
 

Dockerfile

@@ -3,7 +3,7 @@
 # SPDX-License-Identifier: Apache-2.0
 #*********************************************************************/
 
-FROM ubuntu:20.04 AS rpc-builder
+FROM ubuntu:20.10 AS rpc-builder
 
 WORKDIR /
 ARG DEBIAN_FRONTEND=noninteractive
@@ -11,7 +11,7 @@ RUN \
   apt-get update -y -qq && \
   apt install -y -qq \
     git cmake build-essential libssl-dev zlib1g-dev \
-    curl unzip zip pkg-config
+    curl unzip zip pkg-config ca-certificates
 RUN git clone https://github.com/open-amt-cloud-toolkit/rpc.git
 WORKDIR /rpc
 RUN mkdir -p build
@@ -23,7 +23,7 @@ WORKDIR /rpc/build
 RUN cmake -DCMAKE_BUILD_TYPE=Debug -DCMAKE_TOOLCHAIN_FILE=/rpc/vcpkg/scripts/buildsystems/vcpkg.cmake ..
 RUN cmake --build .
 
-FROM ubuntu:20.04 
+FROM ubuntu:20.10 
 
 LABEL license='SPDX-License-Identifier: Apache-2.0' \
       copyright='Copyright (c) 2021: Intel'

Jenkinsfile

@@ -1,6 +1,5 @@
 pipeline {
     agent none
-    triggers {cron '@daily'}
     options {
         buildDiscarder(logRotator(numToKeepStr: '5', daysToKeepStr: '30'))
         timestamps()
@@ -169,4 +168,4 @@ pipeline {
             }
         }
     }
-}
+}

SECURITY.md

@@ -0,0 +1,5 @@
+# Security Policy
+Intel is committed to rapidly addressing security vulnerabilities affecting our customers and providing clear guidance on the solution, impact, severity and mitigation. 
+
+## Reporting a Vulnerability
+Please report any security vulnerabilities in this project utilizing the guidelines [here](https://www.intel.com/content/www/us/en/security-center/vulnerability-handling-guidelines.html).

usage.cpp

@@ -49,15 +49,15 @@ void usage_show_help()
     std::cout << "Examples:"                                                                        << std::endl;
     std::cout << "  # Activate platform using profile1"                                             << std::endl;
     std::cout << "  " << PROJECT_NAME << \
-       " --url wss://localhost:8080 --cmd \"-t activate --profile profile1\""                       << std::endl;
+       " --url wss://192.168.86.100/activate --cmd \"-t activate --profile profile1\""              << std::endl;
     std::cout                                                                                       << std::endl;
     std::cout << "  # Activate platform using profile1 and override DNS detection" << std::endl;
     std::cout << "  " << PROJECT_NAME << \
-       " --url wss://localhost:8080 --cmd \"-t activate --profile profile1\" --dns corp.com"        << std::endl;
+       " --url wss://mycloud.com/activate --cmd \"-t activate --profile profile1\" --dns corp.com"  << std::endl;
     std::cout                                                                                       << std::endl;
     std::cout << "  # Deactivate platform and connect through a proxy"                              << std::endl;
     std::cout << "  " << PROJECT_NAME << \
-       " -u wss://localhost:8080 -c \"-t deactivate --password P@ssw0rd\" -p http://proxy.com:1000" << std::endl;
+       " -u wss://mycloud.com/activate -c \"-t deactivate --password P@ssw0rd\" -p http://proxy.com:1000" << std::endl;
     std::cout                                                                                       << std::endl;
     std::cout << "  # Show all informational items"                                                 << std::endl;
     std::cout << "  " << PROJECT_NAME << " --amtinfo all"                                           << std::endl;