File post-build-checks-containers.spec of Package post-build-checks-containers.41016
Name: post-build-checks-containers
Version: 0.1
Release: 0
Summary: OBS post-build hooks for Containers
License: GPL-2.0
Group: Development/Tools/Building
URL: http://www.suse.com/security
Source0: 80-antivirus-scan-clamav
Source1: 80-vulnerability-scan-trivy
Source2: 80-vulnerability-scan-neuvector
Requires: clamav
Requires: clamav-database
Requires: jq
#Requires: neuvector-scanner
#Requires: neuvector-scanner-database
Requires: trivy
Requires: trivy-database
Requires: python3
Requires: coreutils
%description
OBS post-build hooks to be executed for scanning containers. These hooks mainly
consist of performing actions such as antivirus scans (via ClamAV) or
vulnerability scans (via Trivy, NeuVector), generating artifacts that can later
be attached to relevant OCI container image artifacts as OCI attestations.
%prep
%build
%install
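# ClamAV antivirus hook: installed on every architecture
install -D -m 0755 -t %{buildroot}%{_prefix}/lib/build/post-build-checks %{SOURCE0}
%ifnarch s390x
# Trivy hook is skipped on s390x: the trivy db currently has a bit of an
# endianness issue there
install -D -m 0755 -t %{buildroot}%{_prefix}/lib/build/post-build-checks %{SOURCE1}
%endif
# Source2 (NeuVector hook) is not installed; its Requires are commented out above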
%files
%dir %{_prefix}/lib/build
%dir %{_prefix}/lib/build/post-build-checks
%{_prefix}/lib/build/post-build-checks/*
%changelog