Merge pull request #1135 from LaurentGoderre/more-sbom

Added inline SBOM for binaries downloaded outside package manager
This commit is contained in:
Laurent Goderre 2023-10-04 11:30:16 -04:00 committed by GitHub
commit 2bff0ce33b
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
15 changed files with 57 additions and 13 deletions

1
.gitignore vendored

@ -1 +1,2 @@
.jq-template.awk
template-helper-functions.jq


@ -4,6 +4,7 @@
# PLEASE DO NOT EDIT IT DIRECTLY.
#
FROM alpine:3.17
# 70 is the standard uid/gid for "postgres" in Alpine
@ -151,7 +152,8 @@ RUN set -eux; \
/usr/local/share/doc \
/usr/local/share/man \
; \
\
echo '{"spdxVersion":"SPDX-2.3","SPDXID":"SPDXRef-DOCUMENT","name":"postgres-sbom","packages":[{"name":"postgres","versionInfo":"11.21","SPDXID":"SPDXRef-Package--postgres","externalRefs":[{"referenceCategory":"PACKAGE-MANAGER","referenceType":"purl","referenceLocator":"pkg:generic/postgres@11.21?os_name=alpine&os_version=3.17"}],"licenseDeclared":"PostgreSQL"}]}' > /usr/local/postgres.spdx.json \
; \
postgres --version
# make the sample config easier to munge (and "correct by default")


@ -4,6 +4,7 @@
# PLEASE DO NOT EDIT IT DIRECTLY.
#
FROM alpine:3.18
# 70 is the standard uid/gid for "postgres" in Alpine
@ -151,7 +152,8 @@ RUN set -eux; \
/usr/local/share/doc \
/usr/local/share/man \
; \
\
echo '{"spdxVersion":"SPDX-2.3","SPDXID":"SPDXRef-DOCUMENT","name":"postgres-sbom","packages":[{"name":"postgres","versionInfo":"11.21","SPDXID":"SPDXRef-Package--postgres","externalRefs":[{"referenceCategory":"PACKAGE-MANAGER","referenceType":"purl","referenceLocator":"pkg:generic/postgres@11.21?os_name=alpine&os_version=3.18"}],"licenseDeclared":"PostgreSQL"}]}' > /usr/local/postgres.spdx.json \
; \
postgres --version
# make the sample config easier to munge (and "correct by default")


@ -4,6 +4,7 @@
# PLEASE DO NOT EDIT IT DIRECTLY.
#
FROM alpine:3.17
# 70 is the standard uid/gid for "postgres" in Alpine
@ -151,7 +152,8 @@ RUN set -eux; \
/usr/local/share/doc \
/usr/local/share/man \
; \
\
echo '{"spdxVersion":"SPDX-2.3","SPDXID":"SPDXRef-DOCUMENT","name":"postgres-sbom","packages":[{"name":"postgres","versionInfo":"12.16","SPDXID":"SPDXRef-Package--postgres","externalRefs":[{"referenceCategory":"PACKAGE-MANAGER","referenceType":"purl","referenceLocator":"pkg:generic/postgres@12.16?os_name=alpine&os_version=3.17"}],"licenseDeclared":"PostgreSQL"}]}' > /usr/local/postgres.spdx.json \
; \
postgres --version
# make the sample config easier to munge (and "correct by default")


@ -4,6 +4,7 @@
# PLEASE DO NOT EDIT IT DIRECTLY.
#
FROM alpine:3.18
# 70 is the standard uid/gid for "postgres" in Alpine
@ -151,7 +152,8 @@ RUN set -eux; \
/usr/local/share/doc \
/usr/local/share/man \
; \
\
echo '{"spdxVersion":"SPDX-2.3","SPDXID":"SPDXRef-DOCUMENT","name":"postgres-sbom","packages":[{"name":"postgres","versionInfo":"12.16","SPDXID":"SPDXRef-Package--postgres","externalRefs":[{"referenceCategory":"PACKAGE-MANAGER","referenceType":"purl","referenceLocator":"pkg:generic/postgres@12.16?os_name=alpine&os_version=3.18"}],"licenseDeclared":"PostgreSQL"}]}' > /usr/local/postgres.spdx.json \
; \
postgres --version
# make the sample config easier to munge (and "correct by default")


@ -4,6 +4,7 @@
# PLEASE DO NOT EDIT IT DIRECTLY.
#
FROM alpine:3.17
# 70 is the standard uid/gid for "postgres" in Alpine
@ -151,7 +152,8 @@ RUN set -eux; \
/usr/local/share/doc \
/usr/local/share/man \
; \
\
echo '{"spdxVersion":"SPDX-2.3","SPDXID":"SPDXRef-DOCUMENT","name":"postgres-sbom","packages":[{"name":"postgres","versionInfo":"13.12","SPDXID":"SPDXRef-Package--postgres","externalRefs":[{"referenceCategory":"PACKAGE-MANAGER","referenceType":"purl","referenceLocator":"pkg:generic/postgres@13.12?os_name=alpine&os_version=3.17"}],"licenseDeclared":"PostgreSQL"}]}' > /usr/local/postgres.spdx.json \
; \
postgres --version
# make the sample config easier to munge (and "correct by default")


@ -4,6 +4,7 @@
# PLEASE DO NOT EDIT IT DIRECTLY.
#
FROM alpine:3.18
# 70 is the standard uid/gid for "postgres" in Alpine
@ -151,7 +152,8 @@ RUN set -eux; \
/usr/local/share/doc \
/usr/local/share/man \
; \
\
echo '{"spdxVersion":"SPDX-2.3","SPDXID":"SPDXRef-DOCUMENT","name":"postgres-sbom","packages":[{"name":"postgres","versionInfo":"13.12","SPDXID":"SPDXRef-Package--postgres","externalRefs":[{"referenceCategory":"PACKAGE-MANAGER","referenceType":"purl","referenceLocator":"pkg:generic/postgres@13.12?os_name=alpine&os_version=3.18"}],"licenseDeclared":"PostgreSQL"}]}' > /usr/local/postgres.spdx.json \
; \
postgres --version
# make the sample config easier to munge (and "correct by default")


@ -4,6 +4,7 @@
# PLEASE DO NOT EDIT IT DIRECTLY.
#
FROM alpine:3.17
# 70 is the standard uid/gid for "postgres" in Alpine
@ -154,7 +155,8 @@ RUN set -eux; \
/usr/local/share/doc \
/usr/local/share/man \
; \
\
echo '{"spdxVersion":"SPDX-2.3","SPDXID":"SPDXRef-DOCUMENT","name":"postgres-sbom","packages":[{"name":"postgres","versionInfo":"14.9","SPDXID":"SPDXRef-Package--postgres","externalRefs":[{"referenceCategory":"PACKAGE-MANAGER","referenceType":"purl","referenceLocator":"pkg:generic/postgres@14.9?os_name=alpine&os_version=3.17"}],"licenseDeclared":"PostgreSQL"}]}' > /usr/local/postgres.spdx.json \
; \
postgres --version
# make the sample config easier to munge (and "correct by default")


@ -4,6 +4,7 @@
# PLEASE DO NOT EDIT IT DIRECTLY.
#
FROM alpine:3.18
# 70 is the standard uid/gid for "postgres" in Alpine
@ -154,7 +155,8 @@ RUN set -eux; \
/usr/local/share/doc \
/usr/local/share/man \
; \
\
echo '{"spdxVersion":"SPDX-2.3","SPDXID":"SPDXRef-DOCUMENT","name":"postgres-sbom","packages":[{"name":"postgres","versionInfo":"14.9","SPDXID":"SPDXRef-Package--postgres","externalRefs":[{"referenceCategory":"PACKAGE-MANAGER","referenceType":"purl","referenceLocator":"pkg:generic/postgres@14.9?os_name=alpine&os_version=3.18"}],"licenseDeclared":"PostgreSQL"}]}' > /usr/local/postgres.spdx.json \
; \
postgres --version
# make the sample config easier to munge (and "correct by default")


@ -4,6 +4,7 @@
# PLEASE DO NOT EDIT IT DIRECTLY.
#
FROM alpine:3.17
# 70 is the standard uid/gid for "postgres" in Alpine
@ -157,7 +158,8 @@ RUN set -eux; \
/usr/local/share/doc \
/usr/local/share/man \
; \
\
echo '{"spdxVersion":"SPDX-2.3","SPDXID":"SPDXRef-DOCUMENT","name":"postgres-sbom","packages":[{"name":"postgres","versionInfo":"15.4","SPDXID":"SPDXRef-Package--postgres","externalRefs":[{"referenceCategory":"PACKAGE-MANAGER","referenceType":"purl","referenceLocator":"pkg:generic/postgres@15.4?os_name=alpine&os_version=3.17"}],"licenseDeclared":"PostgreSQL"}]}' > /usr/local/postgres.spdx.json \
; \
postgres --version
# make the sample config easier to munge (and "correct by default")


@ -4,6 +4,7 @@
# PLEASE DO NOT EDIT IT DIRECTLY.
#
FROM alpine:3.18
# 70 is the standard uid/gid for "postgres" in Alpine
@ -157,7 +158,8 @@ RUN set -eux; \
/usr/local/share/doc \
/usr/local/share/man \
; \
\
echo '{"spdxVersion":"SPDX-2.3","SPDXID":"SPDXRef-DOCUMENT","name":"postgres-sbom","packages":[{"name":"postgres","versionInfo":"15.4","SPDXID":"SPDXRef-Package--postgres","externalRefs":[{"referenceCategory":"PACKAGE-MANAGER","referenceType":"purl","referenceLocator":"pkg:generic/postgres@15.4?os_name=alpine&os_version=3.18"}],"licenseDeclared":"PostgreSQL"}]}' > /usr/local/postgres.spdx.json \
; \
postgres --version
# make the sample config easier to munge (and "correct by default")


@ -4,6 +4,7 @@
# PLEASE DO NOT EDIT IT DIRECTLY.
#
FROM alpine:3.17
# 70 is the standard uid/gid for "postgres" in Alpine
@ -156,7 +157,8 @@ RUN set -eux; \
/usr/local/share/doc \
/usr/local/share/man \
; \
\
echo '{"spdxVersion":"SPDX-2.3","SPDXID":"SPDXRef-DOCUMENT","name":"postgres-sbom","packages":[{"name":"postgres","versionInfo":"16.0","SPDXID":"SPDXRef-Package--postgres","externalRefs":[{"referenceCategory":"PACKAGE-MANAGER","referenceType":"purl","referenceLocator":"pkg:generic/postgres@16.0?os_name=alpine&os_version=3.17"}],"licenseDeclared":"PostgreSQL"}]}' > /usr/local/postgres.spdx.json \
; \
postgres --version
# make the sample config easier to munge (and "correct by default")


@ -4,6 +4,7 @@
# PLEASE DO NOT EDIT IT DIRECTLY.
#
FROM alpine:3.18
# 70 is the standard uid/gid for "postgres" in Alpine
@ -156,7 +157,8 @@ RUN set -eux; \
/usr/local/share/doc \
/usr/local/share/man \
; \
\
echo '{"spdxVersion":"SPDX-2.3","SPDXID":"SPDXRef-DOCUMENT","name":"postgres-sbom","packages":[{"name":"postgres","versionInfo":"16.0","SPDXID":"SPDXRef-Package--postgres","externalRefs":[{"referenceCategory":"PACKAGE-MANAGER","referenceType":"purl","referenceLocator":"pkg:generic/postgres@16.0?os_name=alpine&os_version=3.18"}],"licenseDeclared":"PostgreSQL"}]}' > /usr/local/postgres.spdx.json \
; \
postgres --version
# make the sample config easier to munge (and "correct by default")


@ -1,3 +1,4 @@
{{ include "template-helper-functions" }}
FROM alpine:{{ env.variant | ltrimstr("alpine") }}
# 70 is the standard uid/gid for "postgres" in Alpine
@ -164,7 +165,20 @@ RUN set -eux; \
/usr/local/share/doc \
/usr/local/share/man \
; \
\
echo '{{
{
name: "postgres",
version: .version,
params: {
os_name: "alpine",
os_version: env.variant | ltrimstr("alpine"),
},
licenses: [
"PostgreSQL"
]
} | sbom | tostring
}}' > /usr/local/postgres.spdx.json \
; \
postgres --version
# make the sample config easier to munge (and "correct by default")
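Review bot: The SBOM written in this hunk is self-asserted metadata with no binding to the artifact it describes — the object passed to `sbom` carries only name, version, OS and license, with no `checksums` or `downloadLocation` for the source tarball this RUN step built from, so a consumer has no way to check that /usr/local/postgres.spdx.json actually corresponds to the binaries beside it. The `sbom` helper itself is presumably the template-helper-functions.jq pulled in by the `include` at the top of the template and is outside this diff; judging by the rendered output in the generated Dockerfiles above, it emits no `creationInfo`, `dataLicense` or `documentNamespace`, which SPDX 2.3 lists as mandatory, so strict validators may reject the file — worth confirming against the helper. Separately, the rendered JSON is spliced into a single-quoted `echo '…'` shell string; routing it through jq's shell quoting, `echo {{ … | sbom | tostring | @sh }} > /usr/local/postgres.spdx.json \`, keeps the quoting correct even if a version or variant value ever contains a `'`. The enclosing RUN step starts before this hunk.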


@ -13,6 +13,11 @@ elif [ "$BASH_SOURCE" -nt "$jqt" ]; then
wget -qO "$jqt" 'https://github.com/docker-library/bashbrew/raw/9f6a35772ac863a0241f147c820354e4008edf38/scripts/jq-template.awk'
fi
jqf='template-helper-functions.jq'
if [ "$BASH_SOURCE" -nt "$jqf" ]; then
wget -qO "$jqf" 'https://github.com/docker-library/bashbrew/raw/master/scripts/template-helper-functions.jq'
fi
if [ "$#" -eq 0 ]; then
versions="$(jq -r 'keys | map(@sh) | join(" ")' versions.json)"
eval "set -- $versions"
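Review bot: The new `wget` for `template-helper-functions.jq` fetches from the mutable `master` ref, whereas the existing jq-template.awk fetch just above it is pinned to commit 9f6a35772ac863a0241f147c820354e4008edf38; the helper is jq code that runs during template expansion and whose `sbom` output is baked into every generated Dockerfile, so an unpinned, unverified download is a supply-chain weak point in the build tooling. Pin it the same way, `wget -qO "$jqf" 'https://github.com/docker-library/bashbrew/raw/<commit-sha>/scripts/template-helper-functions.jq'`, and ideally compare the downloaded file against a known digest before using it. The `-nt` check means an already-present file is reused until this script is modified, so a pinned URL also gives a reproducible cached copy rather than whatever `master` happened to serve at first run. The enclosing `elif` branch starts before this hunk.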