opensource/podman
1
0
Fork 0
mirror of https://github.com/containers/podman.git synced 2025-12-08 14:48:48 +08:00
Code Issues Packages Projects Releases Wiki Activity
Files
1aab8f5fb594251106022f455cebb6d0b51b8f20
podman/vendor/github.com/containers/buildah/internal/sbom/presets.go
Matt Heon 2818abf849 Update to runc main, removing pin to an older version 
We were pinned to a specific commit to ensure that tests kept
passing. Hopefully they pass now, as we need to grab latest runc
for CVE fixes.

Also grab Buildah main to fix a build issue on FreeBSD. After a
botched manual vendor, I used Ed's treadmill script and squashed
it into this commit to make Git happy. Thanks bunches Ed.

Signed-off-by: Matt Heon <mheon@redhat.com>
2024-02-02 08:11:17 -05:00

66 lines
2.4 KiB
Go
Raw Blame History

package sbom
import "github.com/containers/buildah/define"
// Preset returns a predefined SBOMScanOptions structure that has the passed-in
// name as one of its "Type" values.
func Preset(name string) (preset *define.SBOMScanOptions, err error) {
// If you change these, make sure you update references in
// buildah-commit.1.md and buildah-build.1.md to match!
presets := []define.SBOMScanOptions{
{
Type: []string{"", "syft", "syft-cyclonedx"},
Image: "ghcr.io/anchore/syft",
Commands: []string{
"/syft scan -q dir:{ROOTFS} --output cyclonedx-json={OUTPUT}",
"/syft scan -q dir:{CONTEXT} --output cyclonedx-json={OUTPUT}",
},
// ImageSBOMOutput: "/root/buildinfo/content_manifests/sbom-cyclonedx.json",
// ImagePURLOutput: "/root/buildinfo/content_manifests/sbom-purl.json",
MergeStrategy: define.SBOMMergeStrategyCycloneDXByComponentNameAndVersion,
},
{
Type: []string{"syft-spdx"},
Image: "ghcr.io/anchore/syft",
Commands: []string{
"/syft scan -q dir:{ROOTFS} --output spdx-json={OUTPUT}",
"/syft scan -q dir:{CONTEXT} --output spdx-json={OUTPUT}",
},
// ImageSBOMOutput: "/root/buildinfo/content_manifests/sbom-spdx.json",
// ImagePURLOutput: "/root/buildinfo/content_manifests/sbom-purl.json",
MergeStrategy: define.SBOMMergeStrategySPDXByPackageNameAndVersionInfo,
},
{
Type: []string{"trivy", "trivy-cyclonedx"},
Image: "ghcr.io/aquasecurity/trivy",
Commands: []string{
"trivy filesystem -q {ROOTFS} --format cyclonedx --output {OUTPUT}",
"trivy filesystem -q {CONTEXT} --format cyclonedx --output {OUTPUT}",
},
// ImageSBOMOutput: "/root/buildinfo/content_manifests/sbom-cyclonedx.json",
// ImagePURLOutput: "/root/buildinfo/content_manifests/sbom-purl.json",
MergeStrategy: define.SBOMMergeStrategyCycloneDXByComponentNameAndVersion,
},
{
Type: []string{"trivy-spdx"},
Image: "ghcr.io/aquasecurity/trivy",
Commands: []string{
"trivy filesystem -q {ROOTFS} --format spdx-json --output {OUTPUT}",
"trivy filesystem -q {CONTEXT} --format spdx-json --output {OUTPUT}",
},
// ImageSBOMOutput: "/root/buildinfo/content_manifests/sbom-spdx.json",
// ImagePURLOutput: "/root/buildinfo/content_manifests/sbom-purl.json",
MergeStrategy: define.SBOMMergeStrategySPDXByPackageNameAndVersionInfo,
},
}
for _, preset := range presets {
for _, presetName := range preset.Type {
if presetName == name {
return &preset, nil
}
}
}
return nil, nil
}
Reference in New Issue View Git Blame Copy Permalink