From 4be259acac1b375ed5986ae1ffa3b531be0aa44a Mon Sep 17 00:00:00 2001 From: Laurent Goderre <laurent.goderre@docker.com> Date: Tue, 26 Sep 2023 09:27:40 -0400 Subject: [PATCH] fixup --- 3.10/alpine/Dockerfile | 18 ++++++++--- 3.11/alpine/Dockerfile | 18 ++++++++--- 3.12/alpine/Dockerfile | 18 ++++++++--- 3.13-rc/alpine/Dockerfile | 18 ++++++++--- 3.9/alpine/Dockerfile | 18 ++++++++--- Dockerfile-alpine.template | 66 +++++++++++++++++++++++++------------- 6 files changed, 109 insertions(+), 47 deletions(-) diff --git a/3.10/alpine/Dockerfile b/3.10/alpine/Dockerfile index cd2cab55..e8c0894f 100644 --- a/3.10/alpine/Dockerfile +++ b/3.10/alpine/Dockerfile @@ -196,14 +196,18 @@ FROM alpine:3.18 # OPENSSL/ERLANG_INSTALL_PATH_PREFIX are defined in a different stage, so define them again ENV ERLANG_INSTALL_PATH_PREFIX /opt/erlang ENV OPENSSL_INSTALL_PATH_PREFIX /opt/openssl + COPY --from=erlang-builder $ERLANG_INSTALL_PATH_PREFIX $ERLANG_INSTALL_PATH_PREFIX +COPY <<OPENSSL_SPDX /opt/openssl/openssl.spdx.json +{"spdxVersion":"SPDX-2.3","SPDXID":"SPDXRef-DOCUMENT","name":"openssl-sbom","packages":[{"name":"openssl","versionInfo":"3.1.3","SPDXID":"SPDXRef-Package--openssl","externalRefs":[{"referenceCategory":"PACKAGE-MANAGER","referenceType":"purl","referenceLocator":"pkg:apk/alpine/openssl@3.1.3?os_name=alpine&os_version=3.18"}]}]} +OPENSSL_SPDX + COPY --from=openssl-builder $OPENSSL_INSTALL_PATH_PREFIX $OPENSSL_INSTALL_PATH_PREFIX -ENV PATH $ERLANG_INSTALL_PATH_PREFIX/bin:$OPENSSL_INSTALL_PATH_PREFIX/bin:$PATH +COPY <<ERLANG_SPDX /opt/erlang/erlang.spdx.json +{"spdxVersion":"SPDX-2.3","SPDXID":"SPDXRef-DOCUMENT","name":"erlang-sbom","packages":[{"name":"erlang","versionInfo":"25.3.2.6","SPDXID":"SPDXRef-Package--erlang","externalRefs":[{"referenceCategory":"PACKAGE-MANAGER","referenceType":"purl","referenceLocator":"pkg:apk/alpine/erlang@25.3.2.6?os_name=alpine&os_version=3.18"}]}]} +ERLANG_SPDX -RUN mkdir -p /usr/local/share/sbom/ && \ -<<EOT cat > /usr/local/share/sbom/openssl-erlang.spdx.json -{"spdxVersion":"SPDX-2.3","SPDXID":"SPDXRef-DOCUMENT","name":"openssl-erlang-sbom","documentNamespace":"https://docker.com/docker-scout/fs/sbom-61b3df18-3e41-47b8-a954-e4224f48b2f7","dataLicense":"CC0-1.0","packages":[{"name":"openssl","versionInfo":"3.1.3","SPDXID":"SPDXRef-Package--openssl","externalRefs":[{"referenceCategory":"PACKAGE-MANAGER","referenceType":"purl","referenceLocator":"pkg:apk/alpine/openssl@3.1.3?os_name=alpine&os_version=3.18"}]},{"name":"erlang","versionInfo":"25.3.2.6","SPDXID":"SPDXRef-Package--erlang","externalRefs":[{"referenceCategory":"PACKAGE-MANAGER","referenceType":"purl","referenceLocator":"pkg:apk/alpine/erlang@25.3.2.6?os_name=alpine&os_version=3.18"}]},{"name":"rabbitmq","versionInfo":"3.10.25","SPDXID":"SPDXRef-Package--rabbitmq","externalRefs":[{"referenceCategory":"PACKAGE-MANAGER","referenceType":"purl","referenceLocator":"pkg:github/rabbitmq/rabbitmq-server@3.10.25"}]}]} -EOT +ENV PATH $ERLANG_INSTALL_PATH_PREFIX/bin:$OPENSSL_INSTALL_PATH_PREFIX/bin:$PATH ENV RABBITMQ_DATA_DIR /var/lib/rabbitmq @@ -302,6 +306,10 @@ RUN set -eux; \ # no stale cookies rm "$RABBITMQ_DATA_DIR/.erlang.cookie" +COPY <<RABBITMQ_SPDX /opt/rabbitmq/rabbitmq.spdx.json +{"spdxVersion":"SPDX-2.3","SPDXID":"SPDXRef-DOCUMENT","name":"rabbitmq-sbom","packages":[{"name":"rabbitmq","versionInfo":"3.10.25","SPDXID":"SPDXRef-Package--rabbitmq","externalRefs":[{"referenceCategory":"PACKAGE-MANAGER","referenceType":"purl","referenceLocator":"pkg:generic/rabbitmq@3.10.25?os_name=alpine&os_version=3.18"}]}]} +RABBITMQ_SPDX + # Enable Prometheus-style metrics by default (https://github.com/docker-library/rabbitmq/issues/419) RUN su-exec rabbitmq rabbitmq-plugins enable --offline rabbitmq_prometheus diff --git a/3.11/alpine/Dockerfile b/3.11/alpine/Dockerfile index c4ec07a8..de773162 100644 --- a/3.11/alpine/Dockerfile +++ b/3.11/alpine/Dockerfile @@ -196,14 +196,18 @@ FROM alpine:3.18 # OPENSSL/ERLANG_INSTALL_PATH_PREFIX are defined in a different stage, so define them again ENV ERLANG_INSTALL_PATH_PREFIX /opt/erlang ENV OPENSSL_INSTALL_PATH_PREFIX /opt/openssl + COPY --from=erlang-builder $ERLANG_INSTALL_PATH_PREFIX $ERLANG_INSTALL_PATH_PREFIX +COPY <<OPENSSL_SPDX /opt/openssl/openssl.spdx.json +{"spdxVersion":"SPDX-2.3","SPDXID":"SPDXRef-DOCUMENT","name":"openssl-sbom","packages":[{"name":"openssl","versionInfo":"3.1.3","SPDXID":"SPDXRef-Package--openssl","externalRefs":[{"referenceCategory":"PACKAGE-MANAGER","referenceType":"purl","referenceLocator":"pkg:apk/alpine/openssl@3.1.3?os_name=alpine&os_version=3.18"}]}]} +OPENSSL_SPDX + COPY --from=openssl-builder $OPENSSL_INSTALL_PATH_PREFIX $OPENSSL_INSTALL_PATH_PREFIX -ENV PATH $ERLANG_INSTALL_PATH_PREFIX/bin:$OPENSSL_INSTALL_PATH_PREFIX/bin:$PATH +COPY <<ERLANG_SPDX /opt/erlang/erlang.spdx.json +{"spdxVersion":"SPDX-2.3","SPDXID":"SPDXRef-DOCUMENT","name":"erlang-sbom","packages":[{"name":"erlang","versionInfo":"25.3.2.6","SPDXID":"SPDXRef-Package--erlang","externalRefs":[{"referenceCategory":"PACKAGE-MANAGER","referenceType":"purl","referenceLocator":"pkg:apk/alpine/erlang@25.3.2.6?os_name=alpine&os_version=3.18"}]}]} +ERLANG_SPDX -RUN mkdir -p /usr/local/share/sbom/ && \ -<<EOT cat > /usr/local/share/sbom/openssl-erlang.spdx.json -{"spdxVersion":"SPDX-2.3","SPDXID":"SPDXRef-DOCUMENT","name":"openssl-erlang-sbom","documentNamespace":"https://docker.com/docker-scout/fs/sbom-61b3df18-3e41-47b8-a954-e4224f48b2f7","dataLicense":"CC0-1.0","packages":[{"name":"openssl","versionInfo":"3.1.3","SPDXID":"SPDXRef-Package--openssl","externalRefs":[{"referenceCategory":"PACKAGE-MANAGER","referenceType":"purl","referenceLocator":"pkg:apk/alpine/openssl@3.1.3?os_name=alpine&os_version=3.18"}]},{"name":"erlang","versionInfo":"25.3.2.6","SPDXID":"SPDXRef-Package--erlang","externalRefs":[{"referenceCategory":"PACKAGE-MANAGER","referenceType":"purl","referenceLocator":"pkg:apk/alpine/erlang@25.3.2.6?os_name=alpine&os_version=3.18"}]},{"name":"rabbitmq","versionInfo":"3.11.23","SPDXID":"SPDXRef-Package--rabbitmq","externalRefs":[{"referenceCategory":"PACKAGE-MANAGER","referenceType":"purl","referenceLocator":"pkg:github/rabbitmq/rabbitmq-server@3.11.23"}]}]} -EOT +ENV PATH $ERLANG_INSTALL_PATH_PREFIX/bin:$OPENSSL_INSTALL_PATH_PREFIX/bin:$PATH ENV RABBITMQ_DATA_DIR /var/lib/rabbitmq @@ -302,6 +306,10 @@ RUN set -eux; \ # no stale cookies rm "$RABBITMQ_DATA_DIR/.erlang.cookie" +COPY <<RABBITMQ_SPDX /opt/rabbitmq/rabbitmq.spdx.json +{"spdxVersion":"SPDX-2.3","SPDXID":"SPDXRef-DOCUMENT","name":"rabbitmq-sbom","packages":[{"name":"rabbitmq","versionInfo":"3.11.23","SPDXID":"SPDXRef-Package--rabbitmq","externalRefs":[{"referenceCategory":"PACKAGE-MANAGER","referenceType":"purl","referenceLocator":"pkg:generic/rabbitmq@3.11.23?os_name=alpine&os_version=3.18"}]}]} +RABBITMQ_SPDX + # Enable Prometheus-style metrics by default (https://github.com/docker-library/rabbitmq/issues/419) RUN su-exec rabbitmq rabbitmq-plugins enable --offline rabbitmq_prometheus diff --git a/3.12/alpine/Dockerfile b/3.12/alpine/Dockerfile index 7f7512d3..5bb377cc 100644 --- a/3.12/alpine/Dockerfile +++ b/3.12/alpine/Dockerfile @@ -196,14 +196,18 @@ FROM alpine:3.18 # OPENSSL/ERLANG_INSTALL_PATH_PREFIX are defined in a different stage, so define them again ENV ERLANG_INSTALL_PATH_PREFIX /opt/erlang ENV OPENSSL_INSTALL_PATH_PREFIX /opt/openssl + COPY --from=erlang-builder $ERLANG_INSTALL_PATH_PREFIX $ERLANG_INSTALL_PATH_PREFIX +COPY <<OPENSSL_SPDX /opt/openssl/openssl.spdx.json +{"spdxVersion":"SPDX-2.3","SPDXID":"SPDXRef-DOCUMENT","name":"openssl-sbom","packages":[{"name":"openssl","versionInfo":"3.1.3","SPDXID":"SPDXRef-Package--openssl","externalRefs":[{"referenceCategory":"PACKAGE-MANAGER","referenceType":"purl","referenceLocator":"pkg:apk/alpine/openssl@3.1.3?os_name=alpine&os_version=3.18"}]}]} +OPENSSL_SPDX + COPY --from=openssl-builder $OPENSSL_INSTALL_PATH_PREFIX $OPENSSL_INSTALL_PATH_PREFIX -ENV PATH $ERLANG_INSTALL_PATH_PREFIX/bin:$OPENSSL_INSTALL_PATH_PREFIX/bin:$PATH +COPY <<ERLANG_SPDX /opt/erlang/erlang.spdx.json +{"spdxVersion":"SPDX-2.3","SPDXID":"SPDXRef-DOCUMENT","name":"erlang-sbom","packages":[{"name":"erlang","versionInfo":"25.3.2.6","SPDXID":"SPDXRef-Package--erlang","externalRefs":[{"referenceCategory":"PACKAGE-MANAGER","referenceType":"purl","referenceLocator":"pkg:apk/alpine/erlang@25.3.2.6?os_name=alpine&os_version=3.18"}]}]} +ERLANG_SPDX -RUN mkdir -p /usr/local/share/sbom/ && \ -<<EOT cat > /usr/local/share/sbom/openssl-erlang.spdx.json -{"spdxVersion":"SPDX-2.3","SPDXID":"SPDXRef-DOCUMENT","name":"openssl-erlang-sbom","documentNamespace":"https://docker.com/docker-scout/fs/sbom-61b3df18-3e41-47b8-a954-e4224f48b2f7","dataLicense":"CC0-1.0","packages":[{"name":"openssl","versionInfo":"3.1.3","SPDXID":"SPDXRef-Package--openssl","externalRefs":[{"referenceCategory":"PACKAGE-MANAGER","referenceType":"purl","referenceLocator":"pkg:apk/alpine/openssl@3.1.3?os_name=alpine&os_version=3.18"}]},{"name":"erlang","versionInfo":"25.3.2.6","SPDXID":"SPDXRef-Package--erlang","externalRefs":[{"referenceCategory":"PACKAGE-MANAGER","referenceType":"purl","referenceLocator":"pkg:apk/alpine/erlang@25.3.2.6?os_name=alpine&os_version=3.18"}]},{"name":"rabbitmq","versionInfo":"3.12.6","SPDXID":"SPDXRef-Package--rabbitmq","externalRefs":[{"referenceCategory":"PACKAGE-MANAGER","referenceType":"purl","referenceLocator":"pkg:github/rabbitmq/rabbitmq-server@3.12.6"}]}]} -EOT +ENV PATH $ERLANG_INSTALL_PATH_PREFIX/bin:$OPENSSL_INSTALL_PATH_PREFIX/bin:$PATH ENV RABBITMQ_DATA_DIR /var/lib/rabbitmq @@ -302,6 +306,10 @@ RUN set -eux; \ # no stale cookies rm "$RABBITMQ_DATA_DIR/.erlang.cookie" +COPY <<RABBITMQ_SPDX /opt/rabbitmq/rabbitmq.spdx.json +{"spdxVersion":"SPDX-2.3","SPDXID":"SPDXRef-DOCUMENT","name":"rabbitmq-sbom","packages":[{"name":"rabbitmq","versionInfo":"3.12.6","SPDXID":"SPDXRef-Package--rabbitmq","externalRefs":[{"referenceCategory":"PACKAGE-MANAGER","referenceType":"purl","referenceLocator":"pkg:generic/rabbitmq@3.12.6?os_name=alpine&os_version=3.18"}]}]} +RABBITMQ_SPDX + # Enable Prometheus-style metrics by default (https://github.com/docker-library/rabbitmq/issues/419) RUN su-exec rabbitmq rabbitmq-plugins enable --offline rabbitmq_prometheus diff --git a/3.13-rc/alpine/Dockerfile b/3.13-rc/alpine/Dockerfile index cd1c7de4..818a2d3d 100644 --- a/3.13-rc/alpine/Dockerfile +++ b/3.13-rc/alpine/Dockerfile @@ -196,14 +196,18 @@ FROM alpine:3.18 # OPENSSL/ERLANG_INSTALL_PATH_PREFIX are defined in a different stage, so define them again ENV ERLANG_INSTALL_PATH_PREFIX /opt/erlang ENV OPENSSL_INSTALL_PATH_PREFIX /opt/openssl + COPY --from=erlang-builder $ERLANG_INSTALL_PATH_PREFIX $ERLANG_INSTALL_PATH_PREFIX +COPY <<OPENSSL_SPDX /opt/openssl/openssl.spdx.json +{"spdxVersion":"SPDX-2.3","SPDXID":"SPDXRef-DOCUMENT","name":"openssl-sbom","packages":[{"name":"openssl","versionInfo":"3.1.3","SPDXID":"SPDXRef-Package--openssl","externalRefs":[{"referenceCategory":"PACKAGE-MANAGER","referenceType":"purl","referenceLocator":"pkg:apk/alpine/openssl@3.1.3?os_name=alpine&os_version=3.18"}]}]} +OPENSSL_SPDX + COPY --from=openssl-builder $OPENSSL_INSTALL_PATH_PREFIX $OPENSSL_INSTALL_PATH_PREFIX -ENV PATH $ERLANG_INSTALL_PATH_PREFIX/bin:$OPENSSL_INSTALL_PATH_PREFIX/bin:$PATH +COPY <<ERLANG_SPDX /opt/erlang/erlang.spdx.json +{"spdxVersion":"SPDX-2.3","SPDXID":"SPDXRef-DOCUMENT","name":"erlang-sbom","packages":[{"name":"erlang","versionInfo":"26.1","SPDXID":"SPDXRef-Package--erlang","externalRefs":[{"referenceCategory":"PACKAGE-MANAGER","referenceType":"purl","referenceLocator":"pkg:apk/alpine/erlang@26.1?os_name=alpine&os_version=3.18"}]}]} +ERLANG_SPDX -RUN mkdir -p /usr/local/share/sbom/ && \ -<<EOT cat > /usr/local/share/sbom/openssl-erlang.spdx.json -{"spdxVersion":"SPDX-2.3","SPDXID":"SPDXRef-DOCUMENT","name":"openssl-erlang-sbom","documentNamespace":"https://docker.com/docker-scout/fs/sbom-61b3df18-3e41-47b8-a954-e4224f48b2f7","dataLicense":"CC0-1.0","packages":[{"name":"openssl","versionInfo":"3.1.3","SPDXID":"SPDXRef-Package--openssl","externalRefs":[{"referenceCategory":"PACKAGE-MANAGER","referenceType":"purl","referenceLocator":"pkg:apk/alpine/openssl@3.1.3?os_name=alpine&os_version=3.18"}]},{"name":"erlang","versionInfo":"26.1","SPDXID":"SPDXRef-Package--erlang","externalRefs":[{"referenceCategory":"PACKAGE-MANAGER","referenceType":"purl","referenceLocator":"pkg:apk/alpine/erlang@26.1?os_name=alpine&os_version=3.18"}]},{"name":"rabbitmq","versionInfo":"3.13.0-beta.6","SPDXID":"SPDXRef-Package--rabbitmq","externalRefs":[{"referenceCategory":"PACKAGE-MANAGER","referenceType":"purl","referenceLocator":"pkg:github/rabbitmq/rabbitmq-server@3.13.0-beta.6"}]}]} -EOT +ENV PATH $ERLANG_INSTALL_PATH_PREFIX/bin:$OPENSSL_INSTALL_PATH_PREFIX/bin:$PATH ENV RABBITMQ_DATA_DIR /var/lib/rabbitmq @@ -302,6 +306,10 @@ RUN set -eux; \ # no stale cookies rm "$RABBITMQ_DATA_DIR/.erlang.cookie" +COPY <<RABBITMQ_SPDX /opt/rabbitmq/rabbitmq.spdx.json +{"spdxVersion":"SPDX-2.3","SPDXID":"SPDXRef-DOCUMENT","name":"rabbitmq-sbom","packages":[{"name":"rabbitmq","versionInfo":"3.13.0-beta.6","SPDXID":"SPDXRef-Package--rabbitmq","externalRefs":[{"referenceCategory":"PACKAGE-MANAGER","referenceType":"purl","referenceLocator":"pkg:generic/rabbitmq@3.13.0-beta.6?os_name=alpine&os_version=3.18"}]}]} +RABBITMQ_SPDX + # Enable Prometheus-style metrics by default (https://github.com/docker-library/rabbitmq/issues/419) RUN su-exec rabbitmq rabbitmq-plugins enable --offline rabbitmq_prometheus diff --git a/3.9/alpine/Dockerfile b/3.9/alpine/Dockerfile index dc9db185..4a14ea96 100644 --- a/3.9/alpine/Dockerfile +++ b/3.9/alpine/Dockerfile @@ -196,14 +196,18 @@ FROM alpine:3.18 # OPENSSL/ERLANG_INSTALL_PATH_PREFIX are defined in a different stage, so define them again ENV ERLANG_INSTALL_PATH_PREFIX /opt/erlang ENV OPENSSL_INSTALL_PATH_PREFIX /opt/openssl + COPY --from=erlang-builder $ERLANG_INSTALL_PATH_PREFIX $ERLANG_INSTALL_PATH_PREFIX +COPY <<OPENSSL_SPDX /opt/openssl/openssl.spdx.json +{"spdxVersion":"SPDX-2.3","SPDXID":"SPDXRef-DOCUMENT","name":"openssl-sbom","packages":[{"name":"openssl","versionInfo":"3.1.3","SPDXID":"SPDXRef-Package--openssl","externalRefs":[{"referenceCategory":"PACKAGE-MANAGER","referenceType":"purl","referenceLocator":"pkg:apk/alpine/openssl@3.1.3?os_name=alpine&os_version=3.18"}]}]} +OPENSSL_SPDX + COPY --from=openssl-builder $OPENSSL_INSTALL_PATH_PREFIX $OPENSSL_INSTALL_PATH_PREFIX -ENV PATH $ERLANG_INSTALL_PATH_PREFIX/bin:$OPENSSL_INSTALL_PATH_PREFIX/bin:$PATH +COPY <<ERLANG_SPDX /opt/erlang/erlang.spdx.json +{"spdxVersion":"SPDX-2.3","SPDXID":"SPDXRef-DOCUMENT","name":"erlang-sbom","packages":[{"name":"erlang","versionInfo":"25.3.2.6","SPDXID":"SPDXRef-Package--erlang","externalRefs":[{"referenceCategory":"PACKAGE-MANAGER","referenceType":"purl","referenceLocator":"pkg:apk/alpine/erlang@25.3.2.6?os_name=alpine&os_version=3.18"}]}]} +ERLANG_SPDX -RUN mkdir -p /usr/local/share/sbom/ && \ -<<EOT cat > /usr/local/share/sbom/openssl-erlang.spdx.json -{"spdxVersion":"SPDX-2.3","SPDXID":"SPDXRef-DOCUMENT","name":"openssl-erlang-sbom","documentNamespace":"https://docker.com/docker-scout/fs/sbom-61b3df18-3e41-47b8-a954-e4224f48b2f7","dataLicense":"CC0-1.0","packages":[{"name":"openssl","versionInfo":"3.1.3","SPDXID":"SPDXRef-Package--openssl","externalRefs":[{"referenceCategory":"PACKAGE-MANAGER","referenceType":"purl","referenceLocator":"pkg:apk/alpine/openssl@3.1.3?os_name=alpine&os_version=3.18"}]},{"name":"erlang","versionInfo":"25.3.2.6","SPDXID":"SPDXRef-Package--erlang","externalRefs":[{"referenceCategory":"PACKAGE-MANAGER","referenceType":"purl","referenceLocator":"pkg:apk/alpine/erlang@25.3.2.6?os_name=alpine&os_version=3.18"}]},{"name":"rabbitmq","versionInfo":"3.9.29","SPDXID":"SPDXRef-Package--rabbitmq","externalRefs":[{"referenceCategory":"PACKAGE-MANAGER","referenceType":"purl","referenceLocator":"pkg:github/rabbitmq/rabbitmq-server@3.9.29"}]}]} -EOT +ENV PATH $ERLANG_INSTALL_PATH_PREFIX/bin:$OPENSSL_INSTALL_PATH_PREFIX/bin:$PATH ENV RABBITMQ_DATA_DIR /var/lib/rabbitmq @@ -302,6 +306,10 @@ RUN set -eux; \ # no stale cookies rm "$RABBITMQ_DATA_DIR/.erlang.cookie" +COPY <<RABBITMQ_SPDX /opt/rabbitmq/rabbitmq.spdx.json +{"spdxVersion":"SPDX-2.3","SPDXID":"SPDXRef-DOCUMENT","name":"rabbitmq-sbom","packages":[{"name":"rabbitmq","versionInfo":"3.9.29","SPDXID":"SPDXRef-Package--rabbitmq","externalRefs":[{"referenceCategory":"PACKAGE-MANAGER","referenceType":"purl","referenceLocator":"pkg:generic/rabbitmq@3.9.29?os_name=alpine&os_version=3.18"}]}]} +RABBITMQ_SPDX + # Enable Prometheus-style metrics by default (https://github.com/docker-library/rabbitmq/issues/419) RUN su-exec rabbitmq rabbitmq-plugins enable --offline rabbitmq_prometheus diff --git a/Dockerfile-alpine.template b/Dockerfile-alpine.template index 2bd01c9c..13c49786 100644 --- a/Dockerfile-alpine.template +++ b/Dockerfile-alpine.template @@ -230,19 +230,14 @@ FROM alpine:{{ .alpine.version }} # OPENSSL/ERLANG_INSTALL_PATH_PREFIX are defined in a different stage, so define them again ENV ERLANG_INSTALL_PATH_PREFIX /opt/erlang ENV OPENSSL_INSTALL_PATH_PREFIX /opt/openssl -COPY --from=erlang-builder $ERLANG_INSTALL_PATH_PREFIX $ERLANG_INSTALL_PATH_PREFIX -COPY --from=openssl-builder $OPENSSL_INSTALL_PATH_PREFIX $OPENSSL_INSTALL_PATH_PREFIX -ENV PATH $ERLANG_INSTALL_PATH_PREFIX/bin:$OPENSSL_INSTALL_PATH_PREFIX/bin:$PATH -RUN mkdir -p /usr/local/share/sbom/ && \ -<<EOT cat > /usr/local/share/sbom/openssl-erlang.spdx.json +COPY --from=erlang-builder $ERLANG_INSTALL_PATH_PREFIX $ERLANG_INSTALL_PATH_PREFIX +COPY <<OPENSSL_SPDX /opt/openssl/openssl.spdx.json {{ { spdxVersion: "SPDX-2.3", SPDXID: "SPDXRef-DOCUMENT", - name: "openssl-erlang-sbom", - documentNamespace: "https://docker.com/docker-scout/fs/sbom-61b3df18-3e41-47b8-a954-e4224f48b2f7", - dataLicense: "CC0-1.0", + name: "openssl-sbom", packages: [ { name: "openssl", @@ -255,7 +250,20 @@ RUN mkdir -p /usr/local/share/sbom/ && \ referenceLocator: ("pkg:apk/alpine/openssl@" + .openssl.version +"?os_name=alpine\u0026os_version=" + .alpine.version) } ] - }, + } + ] + } | tostring +}} +OPENSSL_SPDX + +COPY --from=openssl-builder $OPENSSL_INSTALL_PATH_PREFIX $OPENSSL_INSTALL_PATH_PREFIX +COPY <<ERLANG_SPDX /opt/erlang/erlang.spdx.json +{{ + { + spdxVersion: "SPDX-2.3", + SPDXID: "SPDXRef-DOCUMENT", + name: "erlang-sbom", + packages: [ { name: "erlang", versionInfo: .otp.version, @@ -267,23 +275,13 @@ RUN mkdir -p /usr/local/share/sbom/ && \ referenceLocator: ("pkg:apk/alpine/erlang@" + .otp.version +"?os_name=alpine\u0026os_version=" + .alpine.version) } ] - }, - { - name: "rabbitmq", - versionInfo: .version, - SPDXID: "SPDXRef-Package--rabbitmq", - externalRefs: [ - { - referenceCategory: "PACKAGE-MANAGER", - referenceType: "purl", - referenceLocator: ("pkg:github/rabbitmq/rabbitmq-server@" + .version) - } - ] } ] } | tostring }} -EOT +ERLANG_SPDX + +ENV PATH $ERLANG_INSTALL_PATH_PREFIX/bin:$OPENSSL_INSTALL_PATH_PREFIX/bin:$PATH ENV RABBITMQ_DATA_DIR /var/lib/rabbitmq @@ -382,6 +380,30 @@ RUN set -eux; \ # no stale cookies rm "$RABBITMQ_DATA_DIR/.erlang.cookie" +COPY <<RABBITMQ_SPDX /opt/rabbitmq/rabbitmq.spdx.json +{{ + { + spdxVersion: "SPDX-2.3", + SPDXID: "SPDXRef-DOCUMENT", + name: "rabbitmq-sbom", + packages: [ + { + name: "rabbitmq", + versionInfo: .version, + SPDXID: "SPDXRef-Package--rabbitmq", + externalRefs: [ + { + referenceCategory: "PACKAGE-MANAGER", + referenceType: "purl", + referenceLocator: ("pkg:generic/rabbitmq@" + .version + "?os_name=alpine\u0026os_version=" + .alpine.version) + } + ] + } + ] + } | tostring +}} +RABBITMQ_SPDX + # Enable Prometheus-style metrics by default (https://github.com/docker-library/rabbitmq/issues/419) RUN su-exec rabbitmq rabbitmq-plugins enable --offline rabbitmq_prometheus