Update to CRS v4.1

[hellerbarde]

I was made aware of the failing pipeline for a renovatebot PR: https://github.com/vshn/modsecurity-docker/actions/runs/8677769722 by Mark Zeman.

Upstream made the image rootless with a recent (3 weeks ago) commit and that breaks the invocations of apt tools in this docker file.

I replaced all the occurrences of 3.3 with 4.1 as best I could, but I'm fairly certain there is some more work to be done here, but maybe someone can use this PR/Branch as a jumping off point, or help me fix the rest of the issues.

In particular I'm worried about this file: v4.1/transform-alert-message.awk
And some of the custom rules in custom-rules/ might need to be reworked for compatibility with v4.1

cheers,
Phil

[hellerbarde]

It would be good to see if my fix for the dockerfile privilege gaining and dropping actually works, so if someone could approve the workflow, that would be good. (it works locally of course 😉 )

[hellerbarde]

In hindsight, it might make sense to keep v3.3 and v4.x in the same repository, so this PR might not even be sensible to merge. I will convert it to a draft accordingly.

[mhutter]

Hi @hellerbarde, good question regarding v3.3 vs v4; I'm not sure yet whether we actually still need the v3 images once we migrated the existing setup.

I have approved the workflow; I'll check if I can give you more permanent permissions to run workflows