Accepting request 843194 from devel:kubic

OBS-URL: https://build.opensuse.org/request/show/843194
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/trivy?expand=0&rev=2

_service

@@ -1,18 +1,17 @@
 <services>
   <service name="tar_scm" mode="disabled">
-    <param name="url">https://github.com/aquasecurity/trivy.git</param>
+    <param name="url">https://github.com/aquasecurity/trivy</param>
     <param name="scm">git</param>
-    <param name="exclude">.git</param>
+    <param name="versionformat">0.12.0</param>
-    <param name="filename">trivy</param>
+    <param name="revision">v0.12.0</param>
-    <param name="revision">v0.9.2</param>
-    <param name="versionformat">@PARENT_TAG@</param>
-    <param name="versionrewrite-pattern">v(.*)</param>
     <param name="changesgenerate">enable</param>
   </service>
-  <service name="set_version" mode="disabled"/>
   <service name="recompress" mode="disabled">
-    <param name="file">*.tar</param>
+    <param name="file">trivy-*.tar</param>
     <param name="compression">gz</param>
   </service>
+  <service name="set_version" mode="disabled">
+    <param name="basename">trivy</param>
+  </service>
   <service name="go_modules" mode="disabled"/>
 </services>

_servicedata

@@ -1,4 +0,0 @@
-<servicedata>
-<service name="tar_scm">
-                <param name="url">https://github.com/aquasecurity/trivy.git</param>
-              <param name="changesrevision">d9fa353a069bf14e93c88cf6a4ba194c12594374</param></service></servicedata>

trivy.changes

@@ -1,3 +1,18 @@
+-------------------------------------------------------------------
+Tue Oct 20 13:13:39 UTC 2020 - msabate@suse.com
+
+- Update to version 0.12.0:
+  * ci(circle): update remote docker version (#683)
+  * suse: update end of life dates for SLES service packs (#676)
+  * update readme for parallel run issue (#660)
+  * fix link for Clear images section in README (#659)
+  * add link to Gitlab CI pipeline in README (#658)
+  * test: add tests for mux (#645)
+  * chore: bump up Go to 1.15 (#646)
+  * Add contrib/ to the release chain for Docker (#638)
+  * Add health check endpoint to trivy server (#644)
+  * fix(cli): show help for subcommands (#629)
+
 -------------------------------------------------------------------
 Tue Sep 08 18:00:57 UTC 2020 - jsuchome@suse.com
 
@@ -52,10 +67,10 @@ Tue Jul 28 12:33:21 UTC 2020 - jsuchome@suse.com
 -------------------------------------------------------------------
 Fri Jul 24 11:34:15 UTC 2020 - jsuchome@suse.com
 
-- enabled changesgenerate option to automatically generate changes 
+- enabled changesgenerate option to automatically generate changes
 
 -------------------------------------------------------------------
 Thu Jul 16 15:54:15 CEST 2020 - jsuchome@suse.com
 
-- initial release of 0.6.0 version, supported by Harbor 2.0 
+- initial release of 0.6.0 version, supported by Harbor 2.0
 

trivy.spec

@@ -16,42 +16,53 @@
 #
 # nodebuginfo
 
-
-%define goipath github.com/aquasecurity/trivy
-
 Name:           trivy
-Version:        0.9.2
+Version:        0.12.0
 Release:        0
-Summary:        Vulnerability Scanner for Containers
+Summary:        A Simple and Comprehensive Vulnerability Scanner for Containers
 License:        Apache-2.0
 Group:          System/Management
 URL:            https://github.com/aquasecurity/trivy
-Source0:        %{name}-%{version}.tar.gz
+Source:         %{name}-%{version}.tar.gz
 Source1:        vendor.tar.gz
 BuildRequires:  golang-packaging
-BuildRequires:  golang(API) >= 1.13
+BuildRequires:  golang(API) = 1.13
+
+# As specified in their documentation. The version of these packages doesn't
+# seem to matter too much.
+Requires:       git-core
+Requires:       ca-certificates
+Requires:       rpm
+%{go_nostrip}
 
 %description
-A Simple and Comprehensive Vulnerability Scanner for Containers and other Artifacts,
+Trivy (`tri` pronounced like trigger, `vy` pronounced like envy) is a simple and
-Suitable for CI.
+comprehensive vulnerability scanner for containers and other artifacts. A
+software vulnerability is a glitch, flaw, or weakness present in the software or
+in an Operating System. Trivy detects vulnerabilities of OS packages (Alpine,
+RHEL, CentOS, etc.) and application dependencies (Bundler, Composer, npm, yarn,
+etc.). Trivy is easy to use. Just install the binary and you're ready to
+scan. All you need to do for scanning is to specify a target such as an image
+name of the container.
 
 %prep
-%setup -q -n %{name}-%{version}
+%setup -q -a1
-%setup -q -T -D -a 1
+
+# Even though this is a bit ugly because it falls outside of the scope of the
+# original intent of the `LDFLAGS` variable, it's useful to do it once just so
+# we don't have to patch both `build` and `install`.
+sed -i -e 's|LDFLAGS=|LDFLAGS=-buildmode=pie -mod vendor |g' Makefile
 
 %build
-%goprep %{goipath}
+make build VERSION=%{version}
-
-export CGO_ENABLED=0
-
-%gobuild -mod vendor cmd/trivy
 
 %install
-%goinstall
+make install VERSION=%{version}
+install -D -m 0755 ~/go/bin/%{name} "%{buildroot}/%{_bindir}/%{name}"
 
 %files
 %license LICENSE
 %doc README.md
-%{_bindir}/trivy
+%{_bindir}/%{name}
 
 %changelog