From 2a4fe5b5a25850306e54564a3f1cbc7e01c046e1 Mon Sep 17 00:00:00 2001 From: tigro Date: Fri, 10 Jan 2025 18:48:24 +0300 Subject: [PATCH] import trivy-0.55.2-1.el10 --- .gitignore | 4 +-- .trivy.metadata | 4 +-- SPECS/trivy.spec | 71 ++++++++++++++++++++++++++++++++++++++---------- 3 files changed, 60 insertions(+), 19 deletions(-) diff --git a/.gitignore b/.gitignore index c79a04c..a77e97f 100644 --- a/.gitignore +++ b/.gitignore @@ -1,2 +1,2 @@ -SOURCES/trivy-0.50.4.tar.gz -SOURCES/trivy-0.50.4-vendor.tar.xz +SOURCES/trivy-0.55.2-vendor.tar.xz +SOURCES/trivy-0.55.2.tar.gz diff --git a/.trivy.metadata b/.trivy.metadata index 62024d4..d445a0f 100644 --- a/.trivy.metadata +++ b/.trivy.metadata @@ -1,2 +1,2 @@ -37c90203b5048102d860d6a9a9a7794d9e21bd27 SOURCES/trivy-0.50.4.tar.gz -8716f5d1e2bbb8c00fdbca1d041a440863c23b87 SOURCES/trivy-0.50.4-vendor.tar.xz +bc32e30e2596fe012542d78af506268d525ef193 SOURCES/trivy-0.55.2-vendor.tar.xz +aaf6131e34417589de9279f7c1f4f9eaf5dc99ad SOURCES/trivy-0.55.2.tar.gz diff --git a/SPECS/trivy.spec b/SPECS/trivy.spec index 276373d..76abef2 100644 --- a/SPECS/trivy.spec +++ b/SPECS/trivy.spec @@ -1,5 +1,5 @@ ## START: Set by rpmautospec -## (rpmautospec version 0.6.3) +## (rpmautospec version 0.7.2) ## RPMAUTOSPEC: autorelease, autochangelog %define autorelease(e:s:pb:n) %{?-p:0.}%{lua: release_number = 1; @@ -8,25 +8,21 @@ }%{?-e:.%{-e*}}%{?-s:.%{-s*}}%{!?-n:%{?dist}} ## END: Set by rpmautospec -%define bash_completions_dir /usr/share/bash-completion/completions -%define fish_completions_dir /usr/share/fish/vendor_completions.d -%define zsh_completions_dir /usr/share/zsh/site-functions - # Generated by go2rpm 1.10.0 -%bcond_without check +%bcond check 1 # https://github.com/aquasecurity/trivy %global goipath github.com/aquasecurity/trivy -Version: 0.50.4 +Version: 0.55.2 -%gometa +%gometa -L %global common_description %{expand: Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more.} Name: trivy -Release: 1%{dist}.inferit +Release: %autorelease Summary: Vulnerability and license scanner # Generated with go-vendor-tools @@ -36,13 +32,14 @@ Source0: %{gosource} Source1: trivy-%{version}-vendor.tar.xz Source2: go-vendor-tools.toml +BuildRequires: git-core BuildRequires: go-vendor-tools BuildRequires: sqlite-devel %description %{common_description} %prep -%goprep +%goprep -A %setup -q -T -D -a1 %{forgesetupargs} %autopatch -p1 # Keep in sync with go-vendor-tools.toml @@ -52,9 +49,13 @@ sed -i 's|_ "modernc.org/sqlite"|_ "github.com/mattn/go-sqlite3"|' \ %build # Set the package version in the binary # Change go-sqlite3 driver name for compatibility with modernc sqlite -export GO_LDFLAGS="-X=github.com/aquasecurity/trivy/pkg/version.ver=%{version} -X=github.com/mattn/go-sqlite3.driverName=sqlite" +%global our_goldflags %{shrink: + -X=github.com/aquasecurity/trivy/pkg/version.ver=%{version} + -X=github.com/mattn/go-sqlite3.driverName=sqlite +} +export GO_LDFLAGS=%{shescape:%our_goldflags} # Do not use the bundled sqlite -export CGO_CFLAGS="-D USE_LIBSQLITE3=1 %{build_cflags}" CGO_LDFLAGS=" -lsqlite3 %{build_ldflags}" +export CGO_CFLAGS="-D USE_LIBSQLITE3=1 %{build_cflags}" CGO_LDFLAGS="-lsqlite3 %{build_ldflags}" # This package does not build without go modules enabled %global gomodulesmode GO111MODULE=on %gobuild -o trivy %{goipath}/cmd/trivy @@ -71,6 +72,32 @@ install -Dpm 0755 trivy.fish %{buildroot}%{fish_completions_dir}/trivy.fish install -Dpm 0755 trivy.zsh %{buildroot}%{zsh_completions_dir}/_trivy %go_vendor_license_install -c %{SOURCE2} -d trivy -D "trivy_path=$(pwd)/trivy" +%check +skiptest() { + for test in "$@"; do + awk -i inplace '/^func.*'"${test}"'\(/ { print; print "\tt.Skip(\"disabled failing test\")"; next}1' \ + $(grep -rl "${test}") + done +} + +%go_vendor_license_check -c %{SOURCE2} -d trivy -D "trivy_path=$(pwd)/trivy" +%if %{with check} +# Disable tests that require WASM, generated code, or networking +rm -v \ + pkg/fanal/artifact/repo/git_test.go \ + pkg/module/module_test.go + +%ifarch s390x +skiptest Test_dbWorker_update TestFSCache_GetBlob TestFSCache_MissingBlobs +%endif + +# Terraform tests attempt to connect to the terraform registry +find pkg/iac/scanners/terraform*/ -name '*_test.go' -print -delete + +export GO_LDFLAGS="-X=github.com/mattn/go-sqlite3.driverName=sqlite" +export CGO_CFLAGS="-D USE_LIBSQLITE3=1" CGO_LDFLAGS="-lsqlite3" +%gotest ./... +%endif %files -f %{go_vendor_license_filelist} %doc CONTRIBUTING.md README.md SECURITY.md @@ -80,11 +107,25 @@ install -Dpm 0755 trivy.zsh %{buildroot}%{zsh_completions_dir}/_trivy %{zsh_completions_dir}/_trivy %changelog -* Fri Jul 19 2024 Sergey Cherevko - 0.50.4-1.inferit -- Adapted for MSVphere 9 build -- Rebuilt for MSVSphere 9.4 +* Fri Jan 10 2025 Arkady L. Shane - 0.55.2-1 +- Rebuilt for MSVSphere 10 ## START: Generated by rpmautospec +* Sat Sep 21 2024 Maxwell G - 0.55.2-1 +- Update to 0.55.2. Fixes rhbz#2309677. + +* Wed Aug 21 2024 Maxwell G - 0.54.1-1 +- Update to 0.54.1. Fixes rhbz#2302505. + +* Fri Jul 19 2024 Maxwell G - 0.53.0-3 +- Adjust for test file changes + +* Wed Jul 17 2024 Maxwell G - 0.53.0-2 +- Add missing git-core test dependency + +* Wed Jul 17 2024 Maxwell G - 0.53.0-1 +- Update to 0.53.0. Fixes rhbz#2277210. + * Thu May 02 2024 Maxwell G - 0.50.4-1 - Update to 0.50.4. Fixes rhbz#2277210.