SHA256
1
0
forked from pool/trivy

Accepting request 843194 from devel:kubic

OBS-URL: https://build.opensuse.org/request/show/843194
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/trivy?expand=0&rev=2
This commit is contained in:
Dominique Leuenberger 2020-10-21 12:40:13 +00:00 committed by Git OBS Bridge
parent c735d1e4b1
commit 3ed020cb93
7 changed files with 58 additions and 37 deletions

View File

@ -1,18 +1,17 @@
<services> <services>
<service name="tar_scm" mode="disabled"> <service name="tar_scm" mode="disabled">
<param name="url">https://github.com/aquasecurity/trivy.git</param> <param name="url">https://github.com/aquasecurity/trivy</param>
<param name="scm">git</param> <param name="scm">git</param>
<param name="exclude">.git</param> <param name="versionformat">0.12.0</param>
<param name="filename">trivy</param> <param name="revision">v0.12.0</param>
<param name="revision">v0.9.2</param>
<param name="versionformat">@PARENT_TAG@</param>
<param name="versionrewrite-pattern">v(.*)</param>
<param name="changesgenerate">enable</param> <param name="changesgenerate">enable</param>
</service> </service>
<service name="set_version" mode="disabled"/>
<service name="recompress" mode="disabled"> <service name="recompress" mode="disabled">
<param name="file">*.tar</param> <param name="file">trivy-*.tar</param>
<param name="compression">gz</param> <param name="compression">gz</param>
</service> </service>
<service name="set_version" mode="disabled">
<param name="basename">trivy</param>
</service>
<service name="go_modules" mode="disabled"/> <service name="go_modules" mode="disabled"/>
</services> </services>

View File

@ -1,4 +0,0 @@
<servicedata>
<service name="tar_scm">
<param name="url">https://github.com/aquasecurity/trivy.git</param>
<param name="changesrevision">d9fa353a069bf14e93c88cf6a4ba194c12594374</param></service></servicedata>

BIN
trivy-0.12.0.tar.gz (Stored with Git LFS) Normal file

Binary file not shown.

BIN
trivy-0.9.2.tar.gz (Stored with Git LFS)

Binary file not shown.

View File

@ -1,3 +1,18 @@
-------------------------------------------------------------------
Tue Oct 20 13:13:39 UTC 2020 - msabate@suse.com
- Update to version 0.12.0:
* ci(circle): update remote docker version (#683)
* suse: update end of life dates for SLES service packs (#676)
* update readme for parallel run issue (#660)
* fix link for Clear images section in README (#659)
* add link to Gitlab CI pipeline in README (#658)
* test: add tests for mux (#645)
* chore: bump up Go to 1.15 (#646)
* Add contrib/ to the release chain for Docker (#638)
* Add health check endpoint to trivy server (#644)
* fix(cli): show help for subcommands (#629)
------------------------------------------------------------------- -------------------------------------------------------------------
Tue Sep 08 18:00:57 UTC 2020 - jsuchome@suse.com Tue Sep 08 18:00:57 UTC 2020 - jsuchome@suse.com

View File

@ -16,42 +16,53 @@
# #
# nodebuginfo # nodebuginfo
%define goipath github.com/aquasecurity/trivy
Name: trivy Name: trivy
Version: 0.9.2 Version: 0.12.0
Release: 0 Release: 0
Summary: Vulnerability Scanner for Containers Summary: A Simple and Comprehensive Vulnerability Scanner for Containers
License: Apache-2.0 License: Apache-2.0
Group: System/Management Group: System/Management
URL: https://github.com/aquasecurity/trivy URL: https://github.com/aquasecurity/trivy
Source0: %{name}-%{version}.tar.gz Source: %{name}-%{version}.tar.gz
Source1: vendor.tar.gz Source1: vendor.tar.gz
BuildRequires: golang-packaging BuildRequires: golang-packaging
BuildRequires: golang(API) >= 1.13 BuildRequires: golang(API) = 1.13
# As specified in their documentation. The version of these packages doesn't
# seem to matter too much.
Requires: git-core
Requires: ca-certificates
Requires: rpm
%{go_nostrip}
%description %description
A Simple and Comprehensive Vulnerability Scanner for Containers and other Artifacts, Trivy (`tri` pronounced like trigger, `vy` pronounced like envy) is a simple and
Suitable for CI. comprehensive vulnerability scanner for containers and other artifacts. A
software vulnerability is a glitch, flaw, or weakness present in the software or
in an Operating System. Trivy detects vulnerabilities of OS packages (Alpine,
RHEL, CentOS, etc.) and application dependencies (Bundler, Composer, npm, yarn,
etc.). Trivy is easy to use. Just install the binary and you're ready to
scan. All you need to do for scanning is to specify a target such as an image
name of the container.
%prep %prep
%setup -q -n %{name}-%{version} %setup -q -a1
%setup -q -T -D -a 1
# Even though this is a bit ugly because it falls outside of the scope of the
# original intent of the `LDFLAGS` variable, it's useful to do it once just so
# we don't have to patch both `build` and `install`.
sed -i -e 's|LDFLAGS=|LDFLAGS=-buildmode=pie -mod vendor |g' Makefile
%build %build
%goprep %{goipath} make build VERSION=%{version}
export CGO_ENABLED=0
%gobuild -mod vendor cmd/trivy
%install %install
%goinstall make install VERSION=%{version}
install -D -m 0755 ~/go/bin/%{name} "%{buildroot}/%{_bindir}/%{name}"
%files %files
%license LICENSE %license LICENSE
%doc README.md %doc README.md
%{_bindir}/trivy %{_bindir}/%{name}
%changelog %changelog

BIN
vendor.tar.gz (Stored with Git LFS)

Binary file not shown.