|
|
|
|
@ -1,5 +1,5 @@
|
|
|
|
|
## START: Set by rpmautospec
|
|
|
|
|
## (rpmautospec version 0.6.3)
|
|
|
|
|
## (rpmautospec version 0.7.2)
|
|
|
|
|
## RPMAUTOSPEC: autorelease, autochangelog
|
|
|
|
|
%define autorelease(e:s:pb:n) %{?-p:0.}%{lua:
|
|
|
|
|
release_number = 1;
|
|
|
|
|
@ -8,25 +8,21 @@
|
|
|
|
|
}%{?-e:.%{-e*}}%{?-s:.%{-s*}}%{!?-n:%{?dist}}
|
|
|
|
|
## END: Set by rpmautospec
|
|
|
|
|
|
|
|
|
|
%define bash_completions_dir /usr/share/bash-completion/completions
|
|
|
|
|
%define fish_completions_dir /usr/share/fish/vendor_completions.d
|
|
|
|
|
%define zsh_completions_dir /usr/share/zsh/site-functions
|
|
|
|
|
|
|
|
|
|
# Generated by go2rpm 1.10.0
|
|
|
|
|
%bcond_without check
|
|
|
|
|
%bcond check 1
|
|
|
|
|
|
|
|
|
|
# https://github.com/aquasecurity/trivy
|
|
|
|
|
%global goipath github.com/aquasecurity/trivy
|
|
|
|
|
Version: 0.50.4
|
|
|
|
|
Version: 0.55.2
|
|
|
|
|
|
|
|
|
|
%gometa
|
|
|
|
|
%gometa -L
|
|
|
|
|
|
|
|
|
|
%global common_description %{expand:
|
|
|
|
|
Find vulnerabilities, misconfigurations, secrets, SBOM in containers,
|
|
|
|
|
Kubernetes, code repositories, clouds and more.}
|
|
|
|
|
|
|
|
|
|
Name: trivy
|
|
|
|
|
Release: 1%{dist}.inferit
|
|
|
|
|
Release: %autorelease
|
|
|
|
|
Summary: Vulnerability and license scanner
|
|
|
|
|
|
|
|
|
|
# Generated with go-vendor-tools
|
|
|
|
|
@ -36,13 +32,14 @@ Source0: %{gosource}
|
|
|
|
|
Source1: trivy-%{version}-vendor.tar.xz
|
|
|
|
|
Source2: go-vendor-tools.toml
|
|
|
|
|
|
|
|
|
|
BuildRequires: git-core
|
|
|
|
|
BuildRequires: go-vendor-tools
|
|
|
|
|
BuildRequires: sqlite-devel
|
|
|
|
|
|
|
|
|
|
%description %{common_description}
|
|
|
|
|
|
|
|
|
|
%prep
|
|
|
|
|
%goprep
|
|
|
|
|
%goprep -A
|
|
|
|
|
%setup -q -T -D -a1 %{forgesetupargs}
|
|
|
|
|
%autopatch -p1
|
|
|
|
|
# Keep in sync with go-vendor-tools.toml
|
|
|
|
|
@ -52,9 +49,13 @@ sed -i 's|_ "modernc.org/sqlite"|_ "github.com/mattn/go-sqlite3"|' \
|
|
|
|
|
%build
|
|
|
|
|
# Set the package version in the binary
|
|
|
|
|
# Change go-sqlite3 driver name for compatibility with modernc sqlite
|
|
|
|
|
export GO_LDFLAGS="-X=github.com/aquasecurity/trivy/pkg/version.ver=%{version} -X=github.com/mattn/go-sqlite3.driverName=sqlite"
|
|
|
|
|
%global our_goldflags %{shrink:
|
|
|
|
|
-X=github.com/aquasecurity/trivy/pkg/version.ver=%{version}
|
|
|
|
|
-X=github.com/mattn/go-sqlite3.driverName=sqlite
|
|
|
|
|
}
|
|
|
|
|
export GO_LDFLAGS=%{shescape:%our_goldflags}
|
|
|
|
|
# Do not use the bundled sqlite
|
|
|
|
|
export CGO_CFLAGS="-D USE_LIBSQLITE3=1 %{build_cflags}" CGO_LDFLAGS=" -lsqlite3 %{build_ldflags}"
|
|
|
|
|
export CGO_CFLAGS="-D USE_LIBSQLITE3=1 %{build_cflags}" CGO_LDFLAGS="-lsqlite3 %{build_ldflags}"
|
|
|
|
|
# This package does not build without go modules enabled
|
|
|
|
|
%global gomodulesmode GO111MODULE=on
|
|
|
|
|
%gobuild -o trivy %{goipath}/cmd/trivy
|
|
|
|
|
@ -71,6 +72,32 @@ install -Dpm 0755 trivy.fish %{buildroot}%{fish_completions_dir}/trivy.fish
|
|
|
|
|
install -Dpm 0755 trivy.zsh %{buildroot}%{zsh_completions_dir}/_trivy
|
|
|
|
|
%go_vendor_license_install -c %{SOURCE2} -d trivy -D "trivy_path=$(pwd)/trivy"
|
|
|
|
|
|
|
|
|
|
%check
|
|
|
|
|
skiptest() {
|
|
|
|
|
for test in "$@"; do
|
|
|
|
|
awk -i inplace '/^func.*'"${test}"'\(/ { print; print "\tt.Skip(\"disabled failing test\")"; next}1' \
|
|
|
|
|
$(grep -rl "${test}")
|
|
|
|
|
done
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
%go_vendor_license_check -c %{SOURCE2} -d trivy -D "trivy_path=$(pwd)/trivy"
|
|
|
|
|
%if %{with check}
|
|
|
|
|
# Disable tests that require WASM, generated code, or networking
|
|
|
|
|
rm -v \
|
|
|
|
|
pkg/fanal/artifact/repo/git_test.go \
|
|
|
|
|
pkg/module/module_test.go
|
|
|
|
|
|
|
|
|
|
%ifarch s390x
|
|
|
|
|
skiptest Test_dbWorker_update TestFSCache_GetBlob TestFSCache_MissingBlobs
|
|
|
|
|
%endif
|
|
|
|
|
|
|
|
|
|
# Terraform tests attempt to connect to the terraform registry
|
|
|
|
|
find pkg/iac/scanners/terraform*/ -name '*_test.go' -print -delete
|
|
|
|
|
|
|
|
|
|
export GO_LDFLAGS="-X=github.com/mattn/go-sqlite3.driverName=sqlite"
|
|
|
|
|
export CGO_CFLAGS="-D USE_LIBSQLITE3=1" CGO_LDFLAGS="-lsqlite3"
|
|
|
|
|
%gotest ./...
|
|
|
|
|
%endif
|
|
|
|
|
|
|
|
|
|
%files -f %{go_vendor_license_filelist}
|
|
|
|
|
%doc CONTRIBUTING.md README.md SECURITY.md
|
|
|
|
|
@ -80,11 +107,25 @@ install -Dpm 0755 trivy.zsh %{buildroot}%{zsh_completions_dir}/_trivy
|
|
|
|
|
%{zsh_completions_dir}/_trivy
|
|
|
|
|
|
|
|
|
|
%changelog
|
|
|
|
|
* Fri Jul 19 2024 Sergey Cherevko <s.cherevko@msvsphere-os.ru> - 0.50.4-1.inferit
|
|
|
|
|
- Adapted for MSVphere 9 build
|
|
|
|
|
- Rebuilt for MSVSphere 9.4
|
|
|
|
|
* Wed Dec 25 2024 Arkady L. Shane <tigro@msvsphere-os.ru> - 0.55.2-1
|
|
|
|
|
- Rebuilt for MSVSphere 9.5
|
|
|
|
|
|
|
|
|
|
## START: Generated by rpmautospec
|
|
|
|
|
* Sat Sep 21 2024 Maxwell G <maxwell@gtmx.me> - 0.55.2-1
|
|
|
|
|
- Update to 0.55.2. Fixes rhbz#2309677.
|
|
|
|
|
|
|
|
|
|
* Wed Aug 21 2024 Maxwell G <maxwell@gtmx.me> - 0.54.1-1
|
|
|
|
|
- Update to 0.54.1. Fixes rhbz#2302505.
|
|
|
|
|
|
|
|
|
|
* Fri Jul 19 2024 Maxwell G <maxwell@gtmx.me> - 0.53.0-3
|
|
|
|
|
- Adjust for test file changes
|
|
|
|
|
|
|
|
|
|
* Wed Jul 17 2024 Maxwell G <maxwell@gtmx.me> - 0.53.0-2
|
|
|
|
|
- Add missing git-core test dependency
|
|
|
|
|
|
|
|
|
|
* Wed Jul 17 2024 Maxwell G <maxwell@gtmx.me> - 0.53.0-1
|
|
|
|
|
- Update to 0.53.0. Fixes rhbz#2277210.
|
|
|
|
|
|
|
|
|
|
* Thu May 02 2024 Maxwell G <maxwell@gtmx.me> - 0.50.4-1
|
|
|
|
|
- Update to 0.50.4. Fixes rhbz#2277210.
|
|
|
|
|
|
|
|
|
|
|
Arkady L. Shane