Use publicly available nginx:1.14 image

Replace unavailable custom image with nginx:1.14 which is publicly
accessible and has known CVEs for testing.

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>

Author: janisz

smoke/smoke_test.go

@@ -53,7 +53,7 @@ func TestSmoke_RealCluster(t *testing.T) {
 		},
 		"get_deployments_for_cve with known CVE": {
 			toolName: "get_deployments_for_cve",
-			args:     map[string]any{"cveName": "CVE-2023-32697"},
+			args:     map[string]any{"cveName": "CVE-2019-11043"},
 			validateFunc: func(t *testing.T, result string) {
 				t.Helper()
 				var data struct {
@@ -64,22 +64,10 @@ func TestSmoke_RealCluster(t *testing.T) {
 				}
 				require.NoError(t, json.Unmarshal([]byte(result), &data))
 
-				// The deployment might not be scanned yet, so we'll be lenient
 				if len(data.Deployments) == 0 {
-					t.Log("Warning: No deployments found with CVE-2023-32697. Deployment may not be scanned yet.")
+					t.Log("Warning: No deployments found with CVE. Deployment may not be scanned yet.")
 				} else {
-					found := false
-					for _, dep := range data.Deployments {
-						if dep.Name == "vulnerable-app" && dep.Namespace == "vulnerable-apps" {
-							found = true
-							break
-						}
-					}
-					if found {
-						t.Log("Successfully found vulnerable-app deployment")
-					} else {
-						t.Logf("Found %d deployment(s) with CVE, but not the expected vulnerable-app", len(data.Deployments))
-					}
+					t.Logf("Found %d deployment(s) with CVE", len(data.Deployments))
 				}
 			},
 		},

smoke/testdata/vulnerable-deployment.yaml

@@ -22,9 +22,9 @@ spec:
     spec:
       containers:
       - name: vulnerable-app
-        image: quay.io/rhacs-eng/qa:sqlite-jdbc-CVE-2023-32697
+        image: nginx:1.14
         ports:
-        - containerPort: 8080
+        - containerPort: 80
         resources:
           requests:
             cpu: "0"