Update Base Images for a Security Patch & MQTT Base Image Update (#6038)

- Update base image for security vulnerabilities (Similar to #5965)
- Address the unused user for MQTT tester base image for ARM* (Similar to #5982)

## Azure IoT Edge PR checklist:

edge-agent/docker/linux/amd64/Dockerfile

@@ -1,4 +1,4 @@
-ARG base_tag=3.1.19-alpine3.14
+ARG base_tag=3.1-alpine
 
 FROM mcr.microsoft.com/dotnet/aspnet:${base_tag}
 

edge-agent/docker/linux/arm32v7/Dockerfile

@@ -1,4 +1,4 @@
-ARG base_tag=3.1.19-bionic-arm32v7
+ARG base_tag=3.1-bionic-arm32v7
 FROM mcr.microsoft.com/dotnet/aspnet:${base_tag}
 
 RUN apt-get update && \

edge-agent/docker/linux/arm64v8/Dockerfile

@@ -1,4 +1,4 @@
-ARG base_tag=3.1.19-bionic-arm64v8
+ARG base_tag=3.1-bionic-arm64v8
 ARG num_procs=4
 
 FROM mcr.microsoft.com/dotnet/aspnet:${base_tag}

edge-hub/docker/linux/amd64/Dockerfile

@@ -1,4 +1,4 @@
-ARG base_tag=3.1.19-alpine3.14
+ARG base_tag=3.1-alpine
 
 FROM mcr.microsoft.com/dotnet/aspnet:${base_tag}
 

edge-hub/docker/linux/arm32v7/Dockerfile

@@ -1,4 +1,4 @@
-ARG base_tag=3.1.19-bionic-arm32v7
+ARG base_tag=3.1-bionic-arm32v7
 FROM mcr.microsoft.com/dotnet/aspnet:${base_tag}
 
 # Add an unprivileged user account for running Edge Hub

edge-hub/docker/linux/arm64v8/Dockerfile

@@ -1,4 +1,4 @@
-ARG base_tag=3.1.19-bionic-arm64v8
+ARG base_tag=3.1-bionic-arm64v8
 FROM mcr.microsoft.com/dotnet/aspnet:${base_tag}
 
 # Add an unprivileged user account for running Edge Hub

edge-modules/MetricsCollector/docker/linux/amd64/Dockerfile

@@ -1,4 +1,4 @@
-ARG base_tag=3.1.19-alpine3.14
+ARG base_tag=3.1-alpine
 FROM mcr.microsoft.com/dotnet/runtime:${base_tag}
 
 ARG EXE_DIR=.

edge-modules/MetricsCollector/docker/linux/arm32v7/Dockerfile

@@ -1,4 +1,4 @@
-ARG base_tag=3.1.19-bionic-arm32v7
+ARG base_tag=3.1-bionic-arm32v7
 FROM mcr.microsoft.com/dotnet/runtime:${base_tag}
 
 # Add an unprivileged user account for running the module

edge-modules/MetricsCollector/docker/linux/arm64v8/Dockerfile

@@ -1,4 +1,4 @@
-ARG base_tag=3.1.19-bionic-arm64v8
+ARG base_tag=3.1-bionic-arm64v8
 FROM mcr.microsoft.com/dotnet/runtime:${base_tag}
 
 # Add an unprivileged user account for running the module

edge-modules/SimulatedTemperatureSensor/docker/linux/amd64/Dockerfile

@@ -1,4 +1,4 @@
-ARG base_tag=3.1.19-alpine3.14
+ARG base_tag=3.1-alpine
 FROM mcr.microsoft.com/dotnet/runtime:${base_tag}
 
 ARG EXE_DIR=.

edge-modules/SimulatedTemperatureSensor/docker/linux/arm32v7/Dockerfile

@@ -1,4 +1,4 @@
-ARG base_tag=3.1.19-bionic-arm32v7
+ARG base_tag=3.1-bionic-arm32v7
 FROM mcr.microsoft.com/dotnet/runtime:${base_tag}
 
 # Add an unprivileged user account for running the module

edge-modules/SimulatedTemperatureSensor/docker/linux/arm64v8/Dockerfile

@@ -1,4 +1,4 @@
-ARG base_tag=3.1.19-bionic-arm64v8
+ARG base_tag=3.1-bionic-arm64v8
 FROM mcr.microsoft.com/dotnet/runtime:${base_tag}
 
 # Add an unprivileged user account for running the module

edge-modules/iotedge-diagnostics-dotnet/docker/linux/amd64/Dockerfile

@@ -1,4 +1,4 @@
-ARG base_tag=3.1.19-alpine3.14
+ARG base_tag=3.1-alpine
 FROM mcr.microsoft.com/dotnet/runtime:${base_tag}
 
 ARG EXE_DIR=.

edge-modules/iotedge-diagnostics-dotnet/docker/linux/arm32v7/Dockerfile

@@ -1,4 +1,4 @@
-ARG base_tag=3.1.19-bionic-arm32v7
+ARG base_tag=3.1-bionic-arm32v7
 FROM mcr.microsoft.com/dotnet/runtime:${base_tag}
 
 ARG EXE_DIR=.

edge-modules/iotedge-diagnostics-dotnet/docker/linux/arm64v8/Dockerfile

@@ -1,4 +1,4 @@
-ARG base_tag=3.1.19-bionic-arm64v8
+ARG base_tag=3.1-bionic-arm64v8
 FROM mcr.microsoft.com/dotnet/runtime:${base_tag}
 
 ARG EXE_DIR=.

mqtt/docker/linux/amd64/Dockerfile

@@ -1,5 +1,5 @@
 # Use the same base image as prod edgehub images
-ARG base_tag=3.1.19-alpine3.14
+ARG base_tag=3.1-alpine
 FROM mcr.microsoft.com/dotnet/aspnet:${base_tag}
 
 ADD ./x86_64-unknown-linux-musl/release/mqttd /usr/local/bin/mqttd

mqtt/docker/linux/arm32v7/Dockerfile

@@ -1,13 +1,10 @@
 # Use the same base image as prod edgehub images
-ARG base_tag=1.0.6.15-linux-arm32v7
-FROM azureiotedge/azureiotedge-hub-base:${base_tag}
+ARG base_tag=3.1-bionic-arm32v7
+FROM mcr.microsoft.com/dotnet/aspnet:${base_tag}
 
 ADD ./armv7-unknown-linux-gnueabihf/release/mqttd /usr/local/bin/mqttd
 
 EXPOSE 1883/tcp
 EXPOSE 8883/tcp
 
-# Use an unprivileged user account from base image for running mqttd	
-USER edgehubuser
-
 ENTRYPOINT ["/usr/local/bin/mqttd"]

test/connectivity/modules/NetworkController/docker/linux/amd64/Dockerfile

@@ -1,4 +1,4 @@
-ARG base_tag=3.1.19-alpine3.14
+ARG base_tag=3.1-alpine
 FROM mcr.microsoft.com/dotnet/runtime:${base_tag}
 
 ARG EXE_DIR=.

test/connectivity/modules/NetworkController/docker/linux/arm32v7/Dockerfile

@@ -1,4 +1,4 @@
-ARG base_tag=3.1.19-bionic-arm32v7
+ARG base_tag=3.1-bionic-arm32v7
 FROM mcr.microsoft.com/dotnet/aspnet:${base_tag}
 
 RUN apt-get update && apt-get install -y libcap2-bin libsnappy1v5 && \

test/connectivity/modules/NetworkController/docker/linux/arm64v8/Dockerfile

@@ -1,4 +1,4 @@
-ARG base_tag=3.1.19-bionic-arm64v8
+ARG base_tag=3.1-bionic-arm64v8
 FROM mcr.microsoft.com/dotnet/aspnet:${base_tag}
 
 RUN apt-get update && \

test/modules/CloudToDeviceMessageTester/docker/linux/amd64/Dockerfile

@@ -1,4 +1,4 @@
-ARG base_tag=3.1.19-alpine3.14
+ARG base_tag=3.1-alpine
 FROM mcr.microsoft.com/dotnet/runtime:${base_tag}
 
 ARG EXE_DIR=.

test/modules/CloudToDeviceMessageTester/docker/linux/arm32v7/Dockerfile

@@ -1,4 +1,4 @@
-ARG base_tag=3.1.19-bionic-arm32v7
+ARG base_tag=3.1-bionic-arm32v7
 FROM mcr.microsoft.com/dotnet/runtime:${base_tag}
 
 # Add an unprivileged user account for running the module

test/modules/CloudToDeviceMessageTester/docker/linux/arm64v8/Dockerfile

@@ -1,4 +1,4 @@
-ARG base_tag=3.1.19-bionic-arm64v8
+ARG base_tag=3.1-bionic-arm64v8
 FROM mcr.microsoft.com/dotnet/runtime:${base_tag}
 
 # Add an unprivileged user account for running the module

test/modules/DeploymentTester/docker/linux/amd64/Dockerfile

@@ -1,4 +1,4 @@
-ARG base_tag=3.1.19-alpine3.14
+ARG base_tag=3.1-alpine
 FROM mcr.microsoft.com/dotnet/runtime:${base_tag}
 
 ARG EXE_DIR=.

test/modules/DeploymentTester/docker/linux/arm32v7/Dockerfile

@@ -1,4 +1,4 @@
-ARG base_tag=3.1.19-bionic-arm32v7
+ARG base_tag=3.1-bionic-arm32v7
 FROM mcr.microsoft.com/dotnet/runtime:${base_tag}
 
 # Add an unprivileged user account for running the module

test/modules/DeploymentTester/docker/linux/arm64v8/Dockerfile

@@ -1,4 +1,4 @@
-ARG base_tag=3.1.19-bionic-arm64v8
+ARG base_tag=3.1-bionic-arm64v8
 FROM mcr.microsoft.com/dotnet/runtime:${base_tag}
 
 # Add an unprivileged user account for running the module

test/modules/DirectMethodReceiver/docker/linux/amd64/Dockerfile

@@ -1,4 +1,4 @@
-ARG base_tag=3.1.19-alpine3.14
+ARG base_tag=3.1-alpine
 FROM mcr.microsoft.com/dotnet/runtime:${base_tag}
 
 ARG EXE_DIR=.

test/modules/DirectMethodReceiver/docker/linux/arm32v7/Dockerfile

@@ -1,4 +1,4 @@
-ARG base_tag=3.1.19-bionic-arm32v7
+ARG base_tag=3.1-bionic-arm32v7
 FROM mcr.microsoft.com/dotnet/runtime:${base_tag}
 
 # Add an unprivileged user account for running the module

test/modules/DirectMethodReceiver/docker/linux/arm64v8/Dockerfile

@@ -1,4 +1,4 @@
-ARG base_tag=3.1.19-bionic-arm64v8
+ARG base_tag=3.1-bionic-arm64v8
 FROM mcr.microsoft.com/dotnet/runtime:${base_tag}
 
 # Add an unprivileged user account for running the module

test/modules/DirectMethodSender/docker/linux/amd64/Dockerfile

@@ -1,4 +1,4 @@
-ARG base_tag=3.1.19-alpine3.14
+ARG base_tag=3.1-alpine
 FROM mcr.microsoft.com/dotnet/runtime:${base_tag}
 
 ARG EXE_DIR=.

test/modules/DirectMethodSender/docker/linux/arm32v7/Dockerfile

@@ -1,4 +1,4 @@
-ARG base_tag=3.1.19-bionic-arm32v7
+ARG base_tag=3.1-bionic-arm32v7
 FROM mcr.microsoft.com/dotnet/runtime:${base_tag}
 
 # Add an unprivileged user account for running the module

test/modules/DirectMethodSender/docker/linux/arm64v8/Dockerfile

@@ -1,4 +1,4 @@
-ARG base_tag=3.1.19-bionic-arm64v8
+ARG base_tag=3.1-bionic-arm64v8
 FROM mcr.microsoft.com/dotnet/runtime:${base_tag}
 
 # Add an unprivileged user account for running the module

test/modules/EdgeHubRestartTester/docker/linux/amd64/Dockerfile

@@ -1,4 +1,4 @@
-ARG base_tag=3.1.19-alpine3.14
+ARG base_tag=3.1-alpine
 FROM mcr.microsoft.com/dotnet/runtime:${base_tag}
 
 ARG EXE_DIR=.

test/modules/EdgeHubRestartTester/docker/linux/arm32v7/Dockerfile

@@ -1,4 +1,4 @@
-ARG base_tag=3.1.19-bionic-arm32v7
+ARG base_tag=3.1-bionic-arm32v7
 FROM mcr.microsoft.com/dotnet/runtime:${base_tag}
 
 # Add an unprivileged user account for running the module

test/modules/EdgeHubRestartTester/docker/linux/arm64v8/Dockerfile

@@ -1,4 +1,4 @@
-ARG base_tag=3.1.19-bionic-arm64v8
+ARG base_tag=3.1-bionic-arm64v8
 FROM mcr.microsoft.com/dotnet/runtime:${base_tag}
 
 # Add an unprivileged user account for running the module

test/modules/MetricsValidator/docker/linux/amd64/Dockerfile

@@ -1,4 +1,4 @@
-ARG base_tag=3.1.19-alpine3.14
+ARG base_tag=3.1-alpine
 FROM mcr.microsoft.com/dotnet/runtime:${base_tag}
 
 ARG EXE_DIR=.

test/modules/MetricsValidator/docker/linux/arm32v7/Dockerfile

@@ -1,4 +1,4 @@
-ARG base_tag=3.1.19-bionic-arm32v7
+ARG base_tag=3.1-bionic-arm32v7
 FROM mcr.microsoft.com/dotnet/runtime:${base_tag}
 
 # Add an unprivileged user account for running the module

test/modules/MetricsValidator/docker/linux/arm64v8/Dockerfile

@@ -1,4 +1,4 @@
-ARG base_tag=3.1.19-bionic-arm64v8
+ARG base_tag=3.1-bionic-arm64v8
 FROM mcr.microsoft.com/dotnet/runtime:${base_tag}
 
 # Add an unprivileged user account for running the module

test/modules/ModuleRestarter/docker/linux/amd64/Dockerfile

@@ -1,4 +1,4 @@
-ARG base_tag=3.1.19-alpine3.14
+ARG base_tag=3.1-alpine
 FROM mcr.microsoft.com/dotnet/runtime:${base_tag}
 
 ARG EXE_DIR=.

test/modules/ModuleRestarter/docker/linux/arm32v7/Dockerfile

@@ -1,4 +1,4 @@
-ARG base_tag=3.1.19-bionic-arm32v7
+ARG base_tag=3.1-bionic-arm32v7
 FROM mcr.microsoft.com/dotnet/runtime:${base_tag}
 
 # Add an unprivileged user account for running the module

test/modules/ModuleRestarter/docker/linux/arm64v8/Dockerfile

@@ -1,4 +1,4 @@
-ARG base_tag=3.1.19-bionic-arm64v8
+ARG base_tag=3.1-bionic-arm64v8
 FROM mcr.microsoft.com/dotnet/runtime:${base_tag}
 
 # Add an unprivileged user account for running the module

test/modules/NumberLogger/docker/linux/amd64/Dockerfile

@@ -1,4 +1,4 @@
-ARG base_tag=3.1.19-alpine3.14
+ARG base_tag=3.1-alpine
 FROM mcr.microsoft.com/dotnet/runtime:${base_tag}
 
 ARG EXE_DIR=.

test/modules/NumberLogger/docker/linux/arm32v7/Dockerfile

@@ -1,4 +1,4 @@
-ARG base_tag=3.1.19-bionic-arm32v7
+ARG base_tag=3.1-bionic-arm32v7
 FROM mcr.microsoft.com/dotnet/runtime:${base_tag}
 
 # Add an unprivileged user account for running the module

test/modules/NumberLogger/docker/linux/arm64v8/Dockerfile

@@ -1,4 +1,4 @@
-ARG base_tag=3.1.19-bionic-arm64v8
+ARG base_tag=3.1-bionic-arm64v8
 FROM mcr.microsoft.com/dotnet/runtime:${base_tag}
 
 # Add an unprivileged user account for running the module

test/modules/Relayer/docker/linux/amd64/Dockerfile

@@ -1,4 +1,4 @@
-ARG base_tag=3.1.19-alpine3.14
+ARG base_tag=3.1-alpine
 FROM mcr.microsoft.com/dotnet/runtime:${base_tag}
 
 ARG EXE_DIR=.

test/modules/Relayer/docker/linux/arm32v7/Dockerfile

@@ -1,4 +1,4 @@
-ARG base_tag=3.1.19-bionic-arm32v7
+ARG base_tag=3.1-bionic-arm32v7
 FROM mcr.microsoft.com/dotnet/runtime:${base_tag}
 
 # Add an unprivileged user account for running the module

test/modules/Relayer/docker/linux/arm64v8/Dockerfile

@@ -1,4 +1,4 @@
-ARG base_tag=3.1.19-bionic-arm64v8
+ARG base_tag=3.1-bionic-arm64v8
 FROM mcr.microsoft.com/dotnet/runtime:${base_tag}
 
 # Add an unprivileged user account for running the module

test/modules/TemperatureFilter/docker/linux/amd64/Dockerfile

@@ -1,4 +1,4 @@
-ARG base_tag=3.1.19-alpine3.14
+ARG base_tag=3.1-alpine
 FROM mcr.microsoft.com/dotnet/runtime:${base_tag}
 
 ARG EXE_DIR=.

test/modules/TemperatureFilter/docker/linux/arm32v7/Dockerfile

@@ -1,4 +1,4 @@
-ARG base_tag=3.1.19-bionic-arm32v7
+ARG base_tag=3.1-bionic-arm32v7
 FROM mcr.microsoft.com/dotnet/runtime:${base_tag}
 
 # Add an unprivileged user account for running the module

test/modules/TemperatureFilter/docker/linux/arm64v8/Dockerfile

@@ -1,4 +1,4 @@
-ARG base_tag=3.1.19-bionic-arm64v8
+ARG base_tag=3.1-bionic-arm64v8
 FROM mcr.microsoft.com/dotnet/runtime:${base_tag}
 
 # Add an unprivileged user account for running the module

test/modules/TestAnalyzer/docker/linux/amd64/Dockerfile

@@ -1,4 +1,4 @@
-ARG base_tag=3.1.19-alpine3.14
+ARG base_tag=3.1-alpine
 
 FROM mcr.microsoft.com/dotnet/aspnet:${base_tag}
 

test/modules/TestAnalyzer/docker/linux/arm32v7/Dockerfile

@@ -1,4 +1,4 @@
-ARG base_tag=3.1.19-bionic-arm32v7
+ARG base_tag=3.1-bionic-arm32v7
 FROM mcr.microsoft.com/dotnet/aspnet:${base_tag}
 
 RUN apt-get update && apt-get install -y libcap2-bin libsnappy1v5 && \

test/modules/TestAnalyzer/docker/linux/arm64v8/Dockerfile

@@ -1,4 +1,4 @@
-ARG base_tag=3.1.19-bionic-arm64v8
+ARG base_tag=3.1-bionic-arm64v8
 FROM mcr.microsoft.com/dotnet/aspnet:${base_tag}
 
 RUN apt-get update && \

test/modules/TestResultCoordinator/docker/linux/amd64/Dockerfile

@@ -1,4 +1,4 @@
-ARG base_tag=3.1.19-alpine3.14
+ARG base_tag=3.1-alpine
 
 FROM mcr.microsoft.com/dotnet/aspnet:${base_tag}
 

test/modules/TestResultCoordinator/docker/linux/arm32v7/Dockerfile

@@ -1,4 +1,4 @@
-ARG base_tag=3.1.19-bionic-arm32v7
+ARG base_tag=3.1-bionic-arm32v7
 FROM mcr.microsoft.com/dotnet/aspnet:${base_tag}
 
 RUN apt-get update && apt-get install -y libcap2-bin libsnappy1v5 && \

test/modules/TestResultCoordinator/docker/linux/arm64v8/Dockerfile

@@ -1,4 +1,4 @@
-ARG base_tag=3.1.19-bionic-arm64v8
+ARG base_tag=3.1-bionic-arm64v8
 FROM mcr.microsoft.com/dotnet/aspnet:${base_tag}
 
 RUN apt-get update && \

test/modules/TwinTester/docker/linux/amd64/Dockerfile

@@ -1,4 +1,4 @@
-ARG base_tag=3.1.19-alpine3.14
+ARG base_tag=3.1-alpine
 
 FROM mcr.microsoft.com/dotnet/runtime:${base_tag}
 

test/modules/TwinTester/docker/linux/arm32v7/Dockerfile

@@ -1,4 +1,4 @@
-ARG base_tag=3.1.19-bionic-arm32v7
+ARG base_tag=3.1-bionic-arm32v7
 FROM mcr.microsoft.com/dotnet/aspnet:${base_tag}
 
 RUN apt-get update && apt-get install -y libcap2-bin libsnappy1v5 && \

test/modules/TwinTester/docker/linux/arm64v8/Dockerfile

@@ -1,4 +1,4 @@
-ARG base_tag=3.1.19-bionic-arm64v8
+ARG base_tag=3.1-bionic-arm64v8
 FROM mcr.microsoft.com/dotnet/aspnet:${base_tag}
 
 RUN apt-get update && \

test/modules/load-gen/docker/linux/amd64/Dockerfile

@@ -1,4 +1,4 @@
-ARG base_tag=3.1.19-alpine3.14
+ARG base_tag=3.1-alpine
 FROM mcr.microsoft.com/dotnet/runtime:${base_tag}
 
 ARG EXE_DIR=.

test/modules/load-gen/docker/linux/arm32v7/Dockerfile

@@ -1,4 +1,4 @@
-ARG base_tag=3.1.19-bionic-arm32v7
+ARG base_tag=3.1-bionic-arm32v7
 FROM mcr.microsoft.com/dotnet/runtime:${base_tag}
 
 # Add an unprivileged user account for running the module

test/modules/load-gen/docker/linux/arm64v8/Dockerfile

@@ -1,4 +1,4 @@
-ARG base_tag=3.1.19-bionic-arm64v8
+ARG base_tag=3.1-bionic-arm64v8
 FROM mcr.microsoft.com/dotnet/runtime:${base_tag}
 
 # Add an unprivileged user account for running the module