valeriansaliou / vigil

🚦 Microservices Status Page. Monitors a distributed infrastructure and sends alerts (Slack, SMS, etc.).
https://crates.io/crates/vigil-server
Mozilla Public License 2.0
1.72k stars, 128 forks

[Proposal] Build and push an "unsecure" image based on Alpine #128

Closed PumpkinSeed closed 1 year ago

PumpkinSeed commented 1 year ago

Resolve #62

What do you think about adding an Alpine image, definitely marked as unsecure, that can run the script mode of probes?

valeriansaliou commented 1 year ago

Thank you for this PR. What do you think of replacing the Vigil base image with this insecure one?

Vigil is running in its Docker container in this case, using configuration-sourced information to run probes, so I don't see it as a problem to have it run in insecure mode for all users.

Can you give your opinion on that? In this case I think the best is to merge the two for simplicity's sake :)

PumpkinSeed commented 1 year ago

Actually, the scratch image protects the system against application vulnerabilities. Since Vigil runs shell scripts, if it has a vulnerability where unauthorized users can modify that script, or escalate it by turning the script into a remote access point to the server, that can be bad, because there are secrets for certain tools like RabbitMQ, Slack, etc.

But all this is inside the container, so if the ops team runs the image in a secure way, then the damage this can cause in the worst-case scenario is that the secrets will be stolen, I guess. I'm not a cyber security expert.

On the other hand this all shouldn't be a problem if:

  1. the application doesn't have vulnerabilities, especially in the script-running part
  2. the modes other than "script" are not able to run scripts, because that way someone who doesn't want this feature will be fully protected.

I agree to change the main image, because anyone who wants to run the scripts will have these problems otherwise.
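The concern raised above is that a probe script which a lower-privileged process can rewrite (or replace) inside the container turns the script mode into a way to run arbitrary commands with Vigil's secrets in reach. The following POSIX shell audit is an added example written for this discussion; it is not part of Vigil, and the script directory layout, file names and the `*.sh` suffix are constructed assumptions rather than Vigil's real configuration. It checks that each script a probe would hand to `/bin/sh` is a regular file, not a symlink, not group- or world-writable, and not sitting in a world-writable directory (where the file could simply be swapped).

```shell
#!/bin/sh
# Added example (not Vigil's own code): audit the shell scripts that a
# "script" mode probe would execute, before the prober runs them.
# Assumption: scripts live in one directory as *.sh files (placeholder layout).

# audit_script FILE
# Returns 0 if FILE is safe to hand to /bin/sh, 1 otherwise, printing one
# finding per line on stdout.
audit_script() {
  f=$1
  rc=0
  if [ -L "$f" ]; then
    echo "$f: symlink, target could be redirected"
    return 1
  fi
  if [ ! -f "$f" ]; then
    echo "$f: not a regular file"
    return 1
  fi
  # Columns 6 and 9 of the ls -l mode string are the group and other write
  # bits; parsing them is portable across GNU and BSD ls, unlike stat(1).
  mode=$(ls -ld "$f" | cut -c1-10)
  case $(printf '%s' "$mode" | cut -c6) in
    w) echo "$f: group-writable ($mode)"; rc=1 ;;
  esac
  case $(printf '%s' "$mode" | cut -c9) in
    w) echo "$f: world-writable ($mode)"; rc=1 ;;
  esac
  # A world-writable parent (sticky bit or not) lets the whole file be replaced.
  dmode=$(ls -ld "$(dirname "$f")" | cut -c1-10)
  case $(printf '%s' "$dmode" | cut -c9) in
    w) echo "$f: parent directory is world-writable ($dmode)"; rc=1 ;;
  esac
  return $rc
}

# audit_dir DIR
# Audits every *.sh in DIR; the return value is the number of unsafe scripts
# (0 means clean; counts above 255 wrap, which is fine for a pass/fail gate).
audit_dir() {
  bad=0
  for s in "$1"/*.sh; do
    [ -e "$s" ] || [ -L "$s" ] || continue
    audit_script "$s" || bad=$((bad + 1))
  done
  return $bad
}

# make_sample_tree
# Builds a constructed sample directory (not real probe scripts) holding one
# safe script, one world-writable script and one symlink, and prints its path.
make_sample_tree() {
  d=$(mktemp -d)
  printf '#!/bin/sh\necho ok\n' > "$d/safe.sh"
  chmod 0755 "$d/safe.sh"
  printf '#!/bin/sh\necho ok\n' > "$d/loose.sh"
  chmod 0777 "$d/loose.sh"
  ln -s /bin/sh "$d/link.sh"
  echo "$d"
}

# Stand-alone usage: audit the constructed tree and report the unsafe count.
sample=$(make_sample_tree)
audit_dir "$sample" || echo "$? unsafe script(s) found in $sample"
rm -rf "$sample"
```

Running this before starting the prober (for example as the container's entrypoint, or as a CI check on the mounted scripts volume) makes the "unauthorized users can modify that script" case fail closed instead of silently executing whatever is on disk.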

valeriansaliou commented 1 year ago

We can change the main image then :)

PumpkinSeed commented 1 year ago

I changed it, so it's a slightly smaller PR.

valeriansaliou commented 1 year ago

The Docker image has been published on tag v1.25.1; you can test it now :)

PumpkinSeed commented 1 year ago

Thank you, I already tested it and it worked properly.