From eb699f66006c87bfa1137fa9b2d718e8344a4b60 Mon Sep 17 00:00:00 2001
From: Sergey Cherevko
Date: Thu, 25 Jul 2024 10:21:51 +0300
Subject: [PATCH] Import trivy-0.50.4-1
---
 .gitignore | 2 +
 .trivy.metadata | 2 +
 SOURCES/go-vendor-tools.toml | 106 ++++++++++++++++++++++++++++
 SPECS/trivy.spec | 129 +++++++++++++++++++++++++++++++++++
 4 files changed, 239 insertions(+)
 create mode 100644 .gitignore
 create mode 100644 .trivy.metadata
 create mode 100644 SOURCES/go-vendor-tools.toml
 create mode 100644 SPECS/trivy.spec
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..c79a04c
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,2 @@
+SOURCES/trivy-0.50.4.tar.gz
+SOURCES/trivy-0.50.4-vendor.tar.xz
diff --git a/.trivy.metadata b/.trivy.metadata
new file mode 100644
index 0000000..62024d4
--- /dev/null
+++ b/.trivy.metadata
@@ -0,0 +1,2 @@
+37c90203b5048102d860d6a9a9a7794d9e21bd27 SOURCES/trivy-0.50.4.tar.gz
+8716f5d1e2bbb8c00fdbca1d041a440863c23b87 SOURCES/trivy-0.50.4-vendor.tar.xz
diff --git a/SOURCES/go-vendor-tools.toml b/SOURCES/go-vendor-tools.toml
new file mode 100644
index 0000000..3204068
--- /dev/null
+++ b/SOURCES/go-vendor-tools.toml
@@ -0,0 +1,106 @@
+[archive]
+use_module_proxy = true
+pre_commands = [
+ # Change to a different sqlite3 backend without generated content and
+ # questionable licensing
+ # https://github.com/aquasecurity/trivy/discussions/6449
+ [
+ "sh", "-exc",
+ """
+ sed -i 's|_ "modernc.org/sqlite"|_ "github.com/mattn/go-sqlite3"|' \
+ $(grep -rl '_ "modernc.org/sqlite"' pkg/ cmd/ integration/)
+
+ """,
+ ],
+ ["sed", "-i", "/modernc.org/d", "go.mod"],
+ ["go", "get", "-u", "github.com/mattn/go-sqlite3"],
+]
+post_commands = [
+ # Copy missing license files that go mod vendor doesn't include
+ ["mkdir", "-p", "vendor/github.com/csaf-poc/csaf_distribution/v3/LICENSES"],
+ [
+ "wget", "-q",
+ "https://github.com/csaf-poc/csaf_distribution/raw/v3.0.0/LICENSES/MIT.txt",
+ "-O", "vendor/github.com/csaf-poc/csaf_distribution/v3/LICENSES/MIT.txt"
+ ],
+ [
+ "wget", "-q",
+ "https://github.com/csaf-poc/csaf_distribution/raw/v3.0.0/LICENSES/LicenseRef-Go119-BSD-Patentgrant.txt",
+ "-O", "vendor/github.com/csaf-poc/csaf_distribution/v3/LICENSES/BSD-3-Clause.txt"
+ ],
+ [
+ "cp",
+ "vendor/github.com/hashicorp/golang-lru/v2/LICENSE",
+ "vendor/github.com/hashicorp/golang-lru/LICENSE"
+ ],
+
+ [
+ "sh", "-c",
+ """
+ # Ensure modernc is properly removed
+ ! grep 'modernc.org' go.mod
+ # Remove bundled sqlite
+ rm -v \
+ vendor/github.com/mattn/go-sqlite3/sqlite3-binding.*
+ vendor/github.com/mattn/go-sqlite3/sqlite3ext.h
+ """,
+ ],
+]
+
+
+[licensing]
+exclude_directories = [
+ "pkg/licensing/testdata",
+ "pkg/fanal/analyzer/language/golang/mod/testdata",
+ "pkg/fanal/analyzer/language/python/packaging/testdata/",
+ "pkg/fanal/analyzer/licensing/testdata/",
+ "vendor/github.com/google/licenseclassifier/v2/assets",
+
+]
+exclude_files = [
+ "vendor/cloud.google.com/go/internal/version/update_version.sh",
+ "vendor/cloud.google.com/go/storage/emulator_test.sh",
+ "vendor/github.com/go-git/go-git/v5/oss-fuzz.sh",
+ "vendor/go.opentelemetry.io/otel/get_main_pkgs.sh",
+ "vendor/go.opentelemetry.io/otel/verify_examples.sh",
+ "vendor/google.golang.org/grpc/regenerate.sh",
+ "vendor/k8s.io/kubectl/pkg/util/i18n/translations/extract.py",
+]
+backend = "trivy"
+
+[[licensing.licenses]]
+path = "vendor/github.com/google/shlex/COPYING"
+sha256sum = "cfc7749b96f63bd31c3c42b5c471bf756814053e847c10f3eb003417bc523d30"
+expression = "Apache-2.0"
+[[licensing.licenses]]
+path = "vendor/github.com/spdx/tools-golang/LICENSE.code"
+sha256sum = "e914fb1f3927226e04b0438e0b541b3c6e3c65de4d64aa8f5cdaa803f05448fd"
+expression = "Apache-2.0 OR GPL-2.0-or-later"
+[[licensing.licenses]]
+path = "vendor/github.com/go-errors/errors/LICENSE.MIT"
+sha256sum = "4c1b2259f160d975ec6594b602be5db4e6c0c06afe312ca3cd7cff91b75c7c26"
+expression = "MIT"
+[[licensing.licenses]]
+path = "vendor/github.com/alecthomas/chroma/COPYING"
+sha256sum = "e7bf754e7153012a3a8ff697d21acd6c12e590d6a55f2aef8ee83616aa9a795f"
+expression = "MIT"
+[[licensing.licenses]]
+path = "vendor/github.com/BurntSushi/toml/COPYING"
+sha256sum = "d21cb1c60785d6d3a84a7059323ccafc45c645b1bbda281c76a62d66ad2d7dc3"
+expression = "MIT"
+[[licensing.licenses]]
+path = "pkg/iac/scanners/helm/test/mysql/README.md"
+sha256sum = "745fadb84a68937b060856d30dca16516a731d5685e03271ee6fa124295054b0"
+expression = "Apache-2.0"
+[[licensing.licenses]]
+path = "pkg/iac/scanners/helm/test/mysql/charts/common/README.md"
+sha256sum = "62b77785b81344c7108495e6d0f29fa1b6e0d4078b88284d85f3113ab84a48f1"
+expression = "Apache-2.0"
+[[licensing.licenses]]
+path = "vendor/github.com/rcrowley/go-metrics/LICENSE"
+sha256sum = "d2571186acad91c8a3121fb31f1aa5963e82ccd08608d00cef3eb3f3a6c8ad38"
+expression = "BSD-2-Clause-Views"
+[[licensing.licenses]]
+path = "vendor/github.com/alecthomas/chroma/formatters/svg/font_liberation_mono.go"
+sha256sum = "62b52a13f5eaa92c7ec5cecbdb9fc17871ad98095668967938ffe3ae4ee96a2c"
+expression = "OFL-1.1-RFN"
diff --git a/SPECS/trivy.spec b/SPECS/trivy.spec
new file mode 100644
index 0000000..20d0863
--- /dev/null
+++ b/SPECS/trivy.spec
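Review bot: In SOURCES/go-vendor-tools.toml, the post_commands `sh -c` block that begins with `# Ensure modernc is properly removed` runs without `-e`, so the status of `! grep 'modernc.org' go.mod` is discarded and only the trailing `rm -v` decides whether the step fails; the guard cannot catch a modernc.org line that survived in go.mod. Use `"sh", "-ec",` there, matching the `-exc` the pre_commands block already uses. Two reproducibility points in the same hunk: `["go", "get", "-u", "github.com/mattn/go-sqlite3"]` is unpinned, so regenerating the vendor archive later can resolve a different go-sqlite3 (and `-u` upgrades other modules too), no longer matching the digest recorded for trivy-0.50.4-vendor.tar.xz — pin it as `"github.com/mattn/go-sqlite3@<pinned version>"`. The two `wget` downloads of csaf_distribution license texts are not integrity-checked either; recording their expected digests (for example a `sha256sum -c` step, or a `[[licensing.licenses]]` entry with `sha256sum` like the other entries in this file, if the tool enforces it) would make the archived text verifiable.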
@@ -0,0 +1,129 @@
+## START: Set by rpmautospec
+## (rpmautospec version 0.6.3)
+## RPMAUTOSPEC: autorelease, autochangelog
+%define autorelease(e:s:pb:n) %{?-p:0.}%{lua:
+ release_number = 1;
+ base_release_number = tonumber(rpm.expand("%{?-b*}%{!?-b:1}"));
+ print(release_number + base_release_number - 1);
+}%{?-e:.%{-e*}}%{?-s:.%{-s*}}%{!?-n:%{?dist}}
+## END: Set by rpmautospec
+
+# Generated by go2rpm 1.10.0
+%bcond_without check
+
+# https://github.com/aquasecurity/trivy
+%global goipath github.com/aquasecurity/trivy
+Version: 0.50.4
+
+%gometa -L
+
+%global common_description %{expand:
+Find vulnerabilities, misconfigurations, secrets, SBOM in containers,
+Kubernetes, code repositories, clouds and more.}
+
+Name: trivy
+Release: %autorelease
+Summary: Vulnerability and license scanner
+
+# Generated with go-vendor-tools
+License: Apache-2.0 AND BSD-2-Clause AND BSD-2-Clause-Views AND BSD-3-Clause AND BSL-1.0 AND ISC AND MIT AND MPL-2.0 AND OFL-1.1-RFN AND Unicode-DFS-2016 AND Unlicense AND (Apache-2.0 OR GPL-2.0-or-later)
+URL: %{gourl}
+Source0: %{gosource}
+Source1: trivy-%{version}-vendor.tar.xz
+Source2: go-vendor-tools.toml
+
+BuildRequires: go-vendor-tools
+BuildRequires: sqlite-devel
+
+%description %{common_description}
+
+%prep
+%goprep -A
+%setup -q -T -D -a1 %{forgesetupargs}
+%autopatch -p1
+# Keep in sync with go-vendor-tools.toml
+sed -i 's|_ "modernc.org/sqlite"|_ "github.com/mattn/go-sqlite3"|' \
+ $(grep -rl '_ "modernc.org/sqlite"' pkg/ cmd/ integration/)
+
+%build
+# Set the package version in the binary
+# Change go-sqlite3 driver name for compatibility with modernc sqlite
+%global our_goldflags %{shrink:
+ -X=github.com/aquasecurity/trivy/pkg/version.ver=%{version}
+ -X=github.com/mattn/go-sqlite3.driverName=sqlite
+}
+export GO_LDFLAGS=%{shescape:%our_goldflags}
+# Do not use the bundled sqlite
+export CGO_CFLAGS="-D USE_LIBSQLITE3=1 %{build_cflags}" CGO_LDFLAGS="-lsqlite3 %{build_ldflags}"
+# This package does not build without go modules enabled
+%global gomodulesmode GO111MODULE=on
+%gobuild -o trivy %{goipath}/cmd/trivy
+
+./trivy completion bash > trivy.bash
+./trivy completion fish > trivy.fish
+./trivy completion zsh > trivy.zsh
+
+%install
+install -m 0755 -vd %{buildroot}%{_bindir}
+install -m 0755 -vp trivy %{buildroot}%{_bindir}/
+install -Dpm 0755 trivy.bash %{buildroot}%{bash_completions_dir}/trivy
+install -Dpm 0755 trivy.fish %{buildroot}%{fish_completions_dir}/trivy.fish
+install -Dpm 0755 trivy.zsh %{buildroot}%{zsh_completions_dir}/_trivy
+%go_vendor_license_install -c %{SOURCE2} -d trivy -D "trivy_path=$(pwd)/trivy"
+
+%check
+skiptest() {
+ for test in "$@"; do
+ awk -i inplace '/^func.*'"${test}"'\(/ { print; print "\tt.Skip(\"disabled failing test\")"; next}1' \
+ $(grep -rl "${test}")
+ done
+}
+
+%go_vendor_license_check -c %{SOURCE2} -d trivy -D "trivy_path=$(pwd)/trivy"
+%if %{with check}
+# Disable tests that require WASM, generated code, or networking
+rm -v \
+ pkg/fanal/artifact/repo/git_test.go \
+ pkg/module/module_test.go
+
+%ifarch s390x
+%dnl Cannot load the test database on s390x
+rm -v pkg/fanal/cache/fs_test.go
+skiptest Test_dbWorker_update
+%endif
+
+# Terraform tests attempt to connect to the terraform registry
+find pkg/iac/scanners/terraform*/ -name '*_test.go' -print -delete
+
+export GO_LDFLAGS="-X=github.com/mattn/go-sqlite3.driverName=sqlite"
+export CGO_CFLAGS="-D USE_LIBSQLITE3=1" CGO_LDFLAGS="-lsqlite3"
+%gotest ./...
+%endif
+
+%files -f %{go_vendor_license_filelist}
+%doc CONTRIBUTING.md README.md SECURITY.md
+%{_bindir}/trivy
+%{bash_completions_dir}/trivy
+%{fish_completions_dir}/trivy.fish
+%{zsh_completions_dir}/_trivy
+
+%changelog
+* Fri Jul 19 2024 Sergey Cherevko - 0.50.4-1
+- Rebuilt for MSVSphere 9.4
+
+## START: Generated by rpmautospec
+* Thu May 02 2024 Maxwell G - 0.50.4-1
+- Update to 0.50.4. Fixes rhbz#2277210.
+
+* Tue Apr 23 2024 Maxwell G - 0.50.2-1
+- Update to 0.50.2. Fixes rhbz#2276563.
+
+* Sat Apr 13 2024 Maxwell G - 0.50.1-2
+- Enable i686 builds
+
+* Sat Apr 06 2024 Maxwell G - 0.50.1-1
+- Update to 0.50.1.
+
+* Sat Apr 06 2024 Maxwell G - 0.50.0-1
+- Initial import (rhbz#2272258)
+## END: Generated by rpmautospec
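Review bot: The three shell-completion files in %install are installed with mode 0755 although they are data sourced by the shell, not executables; use `install -Dpm 0644 trivy.bash %{buildroot}%{bash_completions_dir}/trivy`, `install -Dpm 0644 trivy.fish %{buildroot}%{fish_completions_dir}/trivy.fish` and `install -Dpm 0644 trivy.zsh %{buildroot}%{zsh_completions_dir}/_trivy`, keeping 0755 only for the trivy binary. In %changelog, the hand-written `* Fri Jul 19 2024 ... - 0.50.4-1` entry sits outside the `## START: Generated by rpmautospec` block and carries the same version-release as the generated `* Thu May 02 2024 ... - 0.50.4-1` entry; since `%autorelease` here still expands with `release_number = 1`, both entries describe 0.50.4-1, which looks like it should instead be a distinct release (e.g. a bumped release number for the rebuild) or be folded into the generated block, depending on how this dist-git handles rpmautospec.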