diff --git a/.gitignore b/.gitignore
index d548f66de02..c8db931ea83 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1 +1,2 @@
 .jq-template.awk
+.template-helper-functions.jq
diff --git a/10/Dockerfile b/10/Dockerfile
index 55e3b40dfcf..c0e1065f59d 100644
--- a/10/Dockerfile
+++ b/10/Dockerfile
@@ -125,7 +125,8 @@ RUN set -ex; \
 \
 apt-mark auto '.*' > /dev/null; \
 [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark; \
- apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false
+ apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \
+ echo '{"spdxVersion":"SPDX-2.3","SPDXID":"SPDXRef-DOCUMENT","name":"gcc-sbom","packages":[{"name":"gcc","versionInfo":"10.5.0","SPDXID":"SPDXRef-Package--gcc","externalRefs":[{"referenceCategory":"PACKAGE-MANAGER","referenceType":"purl","referenceLocator":"pkg:generic/gcc@10.5.0?os_name=debian&os_version=bullseye"}],"licenseDeclared":"Apache-2.0"}]}' > /usr/local/gcc.spdx.json;

 # gcc installs .so files in /usr/local/lib64 (and /usr/local/lib)...
 RUN set -ex; \
diff --git a/11/Dockerfile b/11/Dockerfile
index a3f97decba5..00d0c8eb1e5 100644
--- a/11/Dockerfile
+++ b/11/Dockerfile
@@ -126,7 +126,8 @@ RUN set -ex; \
 \
 apt-mark auto '.*' > /dev/null; \
 [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark; \
- apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false
+ apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \
+ echo '{"spdxVersion":"SPDX-2.3","SPDXID":"SPDXRef-DOCUMENT","name":"gcc-sbom","packages":[{"name":"gcc","versionInfo":"11.4.0","SPDXID":"SPDXRef-Package--gcc","externalRefs":[{"referenceCategory":"PACKAGE-MANAGER","referenceType":"purl","referenceLocator":"pkg:generic/gcc@11.4.0?os_name=debian&os_version=bullseye"}],"licenseDeclared":"Apache-2.0"}]}' > /usr/local/gcc.spdx.json;

 # gcc installs .so files in /usr/local/lib64 (and /usr/local/lib)...
 RUN set -ex; \
diff --git a/12/Dockerfile b/12/Dockerfile
index f5d0054ef7b..96d3c96235f 100644
--- a/12/Dockerfile
+++ b/12/Dockerfile
@@ -126,7 +126,8 @@ RUN set -ex; \
 \
 apt-mark auto '.*' > /dev/null; \
 [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark; \
- apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false
+ apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \
+ echo '{"spdxVersion":"SPDX-2.3","SPDXID":"SPDXRef-DOCUMENT","name":"gcc-sbom","packages":[{"name":"gcc","versionInfo":"12.3.0","SPDXID":"SPDXRef-Package--gcc","externalRefs":[{"referenceCategory":"PACKAGE-MANAGER","referenceType":"purl","referenceLocator":"pkg:generic/gcc@12.3.0?os_name=debian&os_version=bookworm"}],"licenseDeclared":"Apache-2.0"}]}' > /usr/local/gcc.spdx.json;

 # gcc installs .so files in /usr/local/lib64 (and /usr/local/lib)...
 RUN set -ex; \
diff --git a/13/Dockerfile b/13/Dockerfile
index d969abfa4f7..92c64dcb187 100644
--- a/13/Dockerfile
+++ b/13/Dockerfile
@@ -126,7 +126,8 @@ RUN set -ex; \
 \
 apt-mark auto '.*' > /dev/null; \
 [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark; \
- apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false
+ apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \
+ echo '{"spdxVersion":"SPDX-2.3","SPDXID":"SPDXRef-DOCUMENT","name":"gcc-sbom","packages":[{"name":"gcc","versionInfo":"13.2.0","SPDXID":"SPDXRef-Package--gcc","externalRefs":[{"referenceCategory":"PACKAGE-MANAGER","referenceType":"purl","referenceLocator":"pkg:generic/gcc@13.2.0?os_name=debian&os_version=bookworm"}],"licenseDeclared":"Apache-2.0"}]}' > /usr/local/gcc.spdx.json;

 # gcc installs .so files in /usr/local/lib64 (and /usr/local/lib)...
 RUN set -ex; \
diff --git a/9/Dockerfile b/9/Dockerfile
index bc196a97cd1..842ef36e1c7 100644
--- a/9/Dockerfile
+++ b/9/Dockerfile
@@ -125,7 +125,8 @@ RUN set -ex; \
 \
 apt-mark auto '.*' > /dev/null; \
 [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark; \
- apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false
+ apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \
+ echo '{"spdxVersion":"SPDX-2.3","SPDXID":"SPDXRef-DOCUMENT","name":"gcc-sbom","packages":[{"name":"gcc","versionInfo":"9.5.0","SPDXID":"SPDXRef-Package--gcc","externalRefs":[{"referenceCategory":"PACKAGE-MANAGER","referenceType":"purl","referenceLocator":"pkg:generic/gcc@9.5.0?os_name=debian&os_version=bullseye"}],"licenseDeclared":"Apache-2.0"}]}' > /usr/local/gcc.spdx.json;

 # gcc installs .so files in /usr/local/lib64 (and /usr/local/lib)...
 RUN set -ex; \
diff --git a/Dockerfile.template b/Dockerfile.template
index cc90d0e0bfd..516060ed1c3 100644
--- a/Dockerfile.template
+++ b/Dockerfile.template
@@ -1,3 +1,4 @@
+{{ include ".template-helper-functions" -}}
 FROM buildpack-deps:{{ .debian.version }}

 # https://gcc.gnu.org/mirrors.html
@@ -124,7 +125,20 @@ RUN set -ex; \
 \
 apt-mark auto '.*' > /dev/null; \
 [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark; \
- apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false
+ apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \
+ echo {{
+ {
+ name: "gcc",
+ version: .version,
+ params: {
+ os_name: "debian",
+ os_version: .debian.version
+ },
+ licenses: [
+ "Apache-2.0"
+ ]
+ } | sbom | tostring | @sh
+ }} > /usr/local/gcc.spdx.json;

 # gcc installs .so files in /usr/local/lib64 (and /usr/local/lib)...
 RUN set -ex; \
diff --git a/apply-templates.sh b/apply-templates.sh
index 1ce24b3dd1b..2498ac44e90 100755
--- a/apply-templates.sh
+++ b/apply-templates.sh
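Review bot: The `licenses: ["Apache-2.0"]` entry in the SBOM object added to Dockerfile.template looks wrong for this package: GCC is, as far as I know, distributed under GPL-3.0-or-later with the GCC Runtime Library Exception, so every generated `/usr/local/gcc.spdx.json` would declare a license the compiler does not carry. Scanners and compliance tooling that consume the file take `licenseDeclared` at face value, so the value should be corrected here in the template, for example `"GPL-3.0-or-later WITH GCC-exception-3.1"` (confirm the exact SPDX expression against the upstream COPYING files), and the 9 to 13 Dockerfile hunks regenerated from it. The document is also a fixed string echoed after the build, so it records the templated `.version` rather than anything measured from the installed tree; a one-line comment above the `echo` saying so would help readers judge how far to rely on it. The RUN instruction this hunk extends starts above the visible lines.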
@@ -11,6 +11,13 @@ elif [ "$BASH_SOURCE" -nt "$jqt" ]; then
 wget -qO "$jqt" 'https://github.com/docker-library/bashbrew/raw/9f6a35772ac863a0241f147c820354e4008edf38/scripts/jq-template.awk'
 fi

+jqf='.template-helper-functions.jq'
+if [ -n "${BASHBREW_SCRIPTS:-}" ]; then
+ jqf="$BASHBREW_SCRIPTS/template-helper-functions.jq"
+elif [ "$BASH_SOURCE" -nt "$jqf" ]; then
+ wget -qO "$jqf" 'https://github.com/docker-library/bashbrew/raw/08c926140ad0af22de58c2a2656afda58082ba3e/scripts/template-helper-functions.jq'
+fi
+
 if [ "$#" -eq 0 ]; then
 versions="$(jq -r 'keys | map(@sh) | join(" ")' versions.json)"
 eval "set -- $versions"
diff --git a/versions.sh b/versions.sh
index 12d8a9ce33a..b5e2fc62db7 100755
--- a/versions.sh
+++ b/versions.sh
@@ -1,4 +1,4 @@
-#!/bin/bash
+#!/usr/bin/env bash
 set -Eeuo pipefail

 # the libc created by gcc might be too old for a newer Debian:
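Review bot: In the apply-templates.sh hunk the new `wget -qO "$jqf"` writes straight to the final path, and wget creates the `-O` file even when the download fails, so a failed or interrupted fetch can leave an empty or truncated `.template-helper-functions.jq` that is newer than the script and is then never re-fetched by the `-nt` test. Because this file is jq code that runs during template rendering and shapes the RUN lines of every generated Dockerfile, it is safer to fetch to a temporary name and rename on success: `wget -qO "$jqf.tmp" '<pinned URL>' && mv "$jqf.tmp" "$jqf"`. The helper is pinned to bashbrew commit 08c926140ad0… while jq-template.awk in the context line above is pinned to 9f6a35772ac8…; a short comment saying why the two come from different commits (or aligning them) would make the pinning easier to audit. The `$jqt` fetch has the same write-in-place pattern, and its `if` begins above the hunk.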