dhiaayachi / consul

Consul is a distributed, highly available, and data center aware solution to connect and configure applications across dynamic, distributed infrastructure.
https://www.consul.io

Backport of security: update alpine base image to 3.20 into release/1.20.x #10

Open dhiaayachi opened 2 months ago

dhiaayachi commented 2 months ago

Backport

This PR is auto-generated from #21729 to be assessed for backporting due to the inclusion of the label backport/1.20.

:rotating_light: Warning: automatic cherry-pick of commits failed. If the first commit failed, you will see a blank no-op commit below. If at least one commit succeeded, you will see the cherry-picked commits up to, not including, the commit where the merge conflict occurred.

The person who merged in the original PR is: @zalimeni. This person should manually cherry-pick the original PR into a new backport PR, and close this one when the manual backport PR is merged in.

merge conflict error: POST https://api.github.com/repos/hashicorp/consul/merges: 409 Merge conflict []

The below text is copied from the body of the original PR.


Description

Fixes several CVEs by upgrading dependencies via base image upgrade.

Also drops all current triage exceptions for Docker containers, since this update knocks out the only active ones, and several more are already resolved.

Testing & Reproduction steps

Tested locally from one-off Docker CI build:

❯ scan container ./consul_default_linux_arm64_1.19.3-dev_c5ca319b156ce0bbb67d79eaa1bbc80113ae3557.docker.tar
✓ Scanned file:{path:"/Users/michael.zalimeni/workspace/security-scanner/consul_default_linux_arm64_1.19.3-dev_c5ca319b156ce0bbb67d79eaa1bbc80113ae3557.docker.tar"} in 59.8s - no results found

Overview of commits

- 4421ce1677605ae118f741f4251fce65faa8ff87
- 65397c8fe979e809cef90a3353029945f776728d
- ab0a16cd20300108744b28bb74427ccedf8abe30

dhiaayachi commented 2 months ago

Thanks for reporting this issue. The backport/1.20 label has been added, so it's being considered for backporting. It looks like a merge conflict occurred during the automatic cherry-pick. The person who merged the original PR will need to manually cherry-pick the commits and create a new backport PR.

The original PR's description mentions the following:

Please let us know if you have any further questions.

dhiaayachi commented 2 months ago

Thanks for reporting this. We've had reports of this issue. Please see this documentation for workarounds and a possible solution.

dhiaayachi commented 2 months ago

found 10 issues that are related to this issue: