From 043bb8a186fa07dccd6070b47dfea2281567a6fa Mon Sep 17 00:00:00 2001
From: JulioSCX
Date: Tue, 11 Jun 2024 10:25:20 +0100
Subject: [PATCH 1/7] updated query description

---
 .../queries/dockerfile/using_platform_with_from/metadata.json | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/assets/queries/dockerfile/using_platform_with_from/metadata.json b/assets/queries/dockerfile/using_platform_with_from/metadata.json
index 0c8595973a6..0e142ad73fe 100644
--- a/assets/queries/dockerfile/using_platform_with_from/metadata.json
+++ b/assets/queries/dockerfile/using_platform_with_from/metadata.json
@@ -3,7 +3,7 @@
 "queryName": "Using Platform Flag with FROM Command",
 "severity": "LOW",
 "category": "Best Practices",
- "descriptionText": "'FROM' instruction should use the flag '--platform'",
+ "descriptionText": "'FROM' instruction should not use the flag '--platform'",
 "descriptionUrl": "https://docs.docker.com/engine/reference/builder/#from",
 "platform": "Dockerfile",
 "descriptionID": "5bd0baab",
From cba7f169cd88a0eeab324eadc8a1d95de2a811b0 Mon Sep 17 00:00:00 2001
From: JulioSCX
Date: Tue, 11 Jun 2024 10:27:49 +0100
Subject: [PATCH 2/7] updated test files

---
 .../using_platform_with_from/test/negative.dockerfile | 2 +-
 .../using_platform_with_from/test/positive.dockerfile | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/assets/queries/dockerfile/using_platform_with_from/test/negative.dockerfile b/assets/queries/dockerfile/using_platform_with_from/test/negative.dockerfile
index 5a37c7222ff..5538bcc8ef2 100644
--- a/assets/queries/dockerfile/using_platform_with_from/test/negative.dockerfile
+++ b/assets/queries/dockerfile/using_platform_with_from/test/negative.dockerfile
@@ -3,4 +3,4 @@ RUN apk add --update py2-pip
 RUN pip install --upgrade pip
 LABEL maintainer="SvenDowideit@home.org.au"
 COPY requirements.txt /usr/src/app/
-FROM --platform=arm64 baseimage as baseimage-build
+FROM baseimage as baseimage-build
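Review bot: The new descriptionText on the `+` line tells the user what not to do but not why, and descriptionUrl still points at the generic FROM reference, so a finding from this query carries no remediation. Hard-coding a platform in FROM ties the Dockerfile to one build host architecture; Docker's documented alternative is the automatic BUILDPLATFORM/TARGETPLATFORM build arguments. I would write `"descriptionText": "'FROM' instruction should not use the '--platform' flag with a hard-coded value, which makes the build non-portable; use the BUILDPLATFORM/TARGETPLATFORM build arguments instead"` and point descriptionUrl at the multi-platform build documentation rather than the FROM reference.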
diff --git a/assets/queries/dockerfile/using_platform_with_from/test/positive.dockerfile b/assets/queries/dockerfile/using_platform_with_from/test/positive.dockerfile
index 5538bcc8ef2..5a37c7222ff 100644
--- a/assets/queries/dockerfile/using_platform_with_from/test/positive.dockerfile
+++ b/assets/queries/dockerfile/using_platform_with_from/test/positive.dockerfile
@@ -3,4 +3,4 @@ RUN apk add --update py2-pip
 RUN pip install --upgrade pip
 LABEL maintainer="SvenDowideit@home.org.au"
 COPY requirements.txt /usr/src/app/
-FROM baseimage as baseimage-build
+FROM --platform=arm64 baseimage as baseimage-build
From ddb076f16f93500425ccd9024879360ec9b52b5c Mon Sep 17 00:00:00 2001
From: JulioSCX
Date: Tue, 11 Jun 2024 10:33:42 +0100
Subject: [PATCH 3/7] reverted query changes

---
 .../dockerfile/using_platform_with_from/query.rego | 9 ++++-----
 1 file changed, 4 insertions(+), 5 deletions(-)

diff --git a/assets/queries/dockerfile/using_platform_with_from/query.rego b/assets/queries/dockerfile/using_platform_with_from/query.rego
index 1fa8712c322..8e133aece1e 100644
--- a/assets/queries/dockerfile/using_platform_with_from/query.rego
+++ b/assets/queries/dockerfile/using_platform_with_from/query.rego
@@ -5,15 +5,14 @@ import data.generic.common as common_lib
 CxPolicy[result] {
 resource := input.document[i].command[name][_]
- common_lib.contains_element(resource.Value, "as")
- contains(resource.Cmd, "from")
- not common_lib.contains_with_size(resource.Flags, "--platform")
+ contains(resource.Flags[j], "--platform")
+ contains(resource.Cmd, "from")
 result := {
 "documentId": input.document[i].id,
 "searchKey": sprintf("FROM={{%s}}.{{%s}}", [name, resource.Original]),
 "issueType": "IncorrectValue",
- "keyExpectedValue": sprintf("FROM={{%s}}.{{%s}} should use the flag '--platform'", [name, resource.Original]),
- "keyActualValue": sprintf("FROM={{%s}}.{{%s}} not use the flag '--platform'", [name, resource.Original]),
+ "keyExpectedValue": sprintf("FROM={{%s}}.{{%s}} should not use the '--platform' flag", [name, resource.Original]),
+ "keyActualValue": sprintf("FROM={{%s}}.{{%s}} is using the '--platform' flag", [name, resource.Original]),
 }
 }
From 27f05dd41d204ce8c086d9faec4f4010bef3e1f3 Mon Sep 17 00:00:00 2001
From: JulioSCX
Date: Tue, 11 Jun 2024 11:31:05 +0100
Subject: [PATCH 4/7] updated severity to 'Info'

---
 .../queries/dockerfile/using_platform_with_from/metadata.json | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/assets/queries/dockerfile/using_platform_with_from/metadata.json b/assets/queries/dockerfile/using_platform_with_from/metadata.json
index 0e142ad73fe..1e7728032c6 100644
--- a/assets/queries/dockerfile/using_platform_with_from/metadata.json
+++ b/assets/queries/dockerfile/using_platform_with_from/metadata.json
@@ -1,7 +1,7 @@
 {
 "id": "b16e8501-ef3c-44e1-a543-a093238099c9",
 "queryName": "Using Platform Flag with FROM Command",
- "severity": "LOW",
+ "severity": "INFO",
 "category": "Best Practices",
 "descriptionText": "'FROM' instruction should not use the flag '--platform'",
 "descriptionUrl": "https://docs.docker.com/engine/reference/builder/#from",
From c17028d8474e55085b51338a5be19772d0cac253 Mon Sep 17 00:00:00 2001
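Review bot: `contains(resource.Flags[j], "--platform")` on the first `+` line fires on every platform value, including `--platform=$BUILDPLATFORM`, which is Docker's documented way to run a native build stage when cross-compiling and is exactly the case a portability rule should allow. Assuming the parser keeps the raw flag text, I would replace the two added condition lines with `flag := resource.Flags[_]`, `startswith(flag, "--platform")` and `not contains(flag, "$")`, keeping the `contains(resource.Cmd, "from")` guard. The bare `j` is never used elsewhere in the rule, so `_` makes the iteration explicit, and `startswith` avoids matching an unrelated flag that merely contains the text. A `FROM --platform=$BUILDPLATFORM ...` line in the negative test file would pin that exemption so it is not lost in a later edit.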
From: JulioSCX <158049359+JulioSCX@users.noreply.github.com>
Date: Tue, 11 Jun 2024 15:50:31 +0100
Subject: [PATCH 5/7] added filename to expected results

---
 .../test/positive_expected_result.json | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/assets/queries/dockerfile/using_platform_with_from/test/positive_expected_result.json b/assets/queries/dockerfile/using_platform_with_from/test/positive_expected_result.json
index 62086246cba..e6ca89a1bb5 100644
--- a/assets/queries/dockerfile/using_platform_with_from/test/positive_expected_result.json
+++ b/assets/queries/dockerfile/using_platform_with_from/test/positive_expected_result.json
@@ -2,6 +2,7 @@
 {
 "queryName": "Using Platform Flag with FROM Command",
 "severity": "LOW",
- "line": 6
+ "line": 6,
+ "fileName": "positive.dockerfile"
 }
 ]
\ No newline at end of file
From f1cbe6c6b4d50b18824b6f36d805fc4a340704f7 Mon Sep 17 00:00:00 2001
From: JulioSCX
Date: Tue, 11 Jun 2024 17:11:33 +0100
Subject: [PATCH 6/7] removed 'platform' flag from dockerfile

---
 Dockerfile | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/Dockerfile b/Dockerfile
index a8da6f6431d..a2b3acfa07b 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,4 +1,4 @@
-FROM --platform=linux/amd64 cgr.dev/chainguard/go@sha256:38db527239c4b33c6ebd1751007041e33cdf81de45f2195b1a60816eb351def1 as build_env
+FROM cgr.dev/chainguard/go@sha256:38db527239c4b33c6ebd1751007041e33cdf81de45f2195b1a60816eb351def1 as build_env
 # Copy the source from the current directory to the Working Directory inside the container
 WORKDIR /app
@@ -31,7 +31,7 @@ USER nonroot
 # Runtime image
 # Ignore no User Cmd since KICS container is stopped afer scan
 # kics-scan ignore-line
-FROM --platform=linux/amd64 cgr.dev/chainguard/git@sha256:fa7a03c2cbfa3b961931f0fc0a3489e19fb06ae085f4c2dfd980347ed012c796
+FROM cgr.dev/chainguard/git@sha256:fa7a03c2cbfa3b961931f0fc0a3489e19fb06ae085f4c2dfd980347ed012c796
 ENV TERM xterm-256color
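Review bot: Dropping `--platform=linux/amd64` from both FROM lines means the digest-pinned base images now resolve to whatever platform the build host reports, and nothing in this diff shows that the `docker build`/buildx invocation passes `--platform` explicitly. The sha256 digests stay pinned, which keeps the supply-chain property intact, but if the release pipeline ever runs on a non-amd64 runner the published image silently changes architecture, and if either digest names a single-platform manifest rather than an index the build still succeeds with only a platform-mismatch warning. Please confirm the CI build sets `--platform` (or use `--platform=$BUILDPLATFORM` on the build stage, which the new query would then need to exempt), and record the decision above the first FROM, e.g. `# Target platform is chosen by the builder (CI passes --platform); base images stay digest-pinned`. The build stage body continues outside the first hunk, and the runtime stage's trailing context after `ENV TERM` appears to have been collapsed in this copy.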
From 71b4ea869262c08e9df9154df83bd00e78863a67 Mon Sep 17 00:00:00 2001
From: JulioSCX
Date: Tue, 11 Jun 2024 17:23:18 +0100
Subject: [PATCH 7/7] fixed tests

---
 .../test/{negative.dockerfile => negative1.dockerfile} | 0
 .../test/{positive.dockerfile => positive1.dockerfile} | 0
 .../test/positive_expected_result.json | 4 ++--
 3 files changed, 2 insertions(+), 2 deletions(-)
 rename assets/queries/dockerfile/using_platform_with_from/test/{negative.dockerfile => negative1.dockerfile} (100%)
 rename assets/queries/dockerfile/using_platform_with_from/test/{positive.dockerfile => positive1.dockerfile} (100%)

diff --git a/assets/queries/dockerfile/using_platform_with_from/test/negative.dockerfile b/assets/queries/dockerfile/using_platform_with_from/test/negative1.dockerfile
similarity index 100%
rename from assets/queries/dockerfile/using_platform_with_from/test/negative.dockerfile
rename to assets/queries/dockerfile/using_platform_with_from/test/negative1.dockerfile
diff --git a/assets/queries/dockerfile/using_platform_with_from/test/positive.dockerfile b/assets/queries/dockerfile/using_platform_with_from/test/positive1.dockerfile
similarity index 100%
rename from assets/queries/dockerfile/using_platform_with_from/test/positive.dockerfile
rename to assets/queries/dockerfile/using_platform_with_from/test/positive1.dockerfile
diff --git a/assets/queries/dockerfile/using_platform_with_from/test/positive_expected_result.json b/assets/queries/dockerfile/using_platform_with_from/test/positive_expected_result.json
index e6ca89a1bb5..17bce5638c8 100644
--- a/assets/queries/dockerfile/using_platform_with_from/test/positive_expected_result.json
+++ b/assets/queries/dockerfile/using_platform_with_from/test/positive_expected_result.json
@@ -1,8 +1,8 @@
 [
 {
 "queryName": "Using Platform Flag with FROM Command",
- "severity": "LOW",
+ "severity": "INFO",
 "line": 6,
- "fileName": "positive.dockerfile"
+ "fileName": "positive1.dockerfile"
 }
 ]
\ No newline at end of file