[bitnami/trivy] Release trivy-0.60.0-debian-12-r2 (#79033)

Signed-off-by: Bitnami Bot <bitnami.bot@broadcom.com>
2026-03-20 14:58:20 +08:00 · 2025-03-19 17:08:34 +01:00
parent 727212e3e6
commit c3bf35ddd8
4 changed files with 3902 additions and 25 deletions
--- a/bitnami/trivy/0/debian-12/Dockerfile
+++ b/bitnami/trivy/0/debian-12/Dockerfile
@@ -1,34 +1,21 @@
 # Copyright Broadcom, Inc. All Rights Reserved.
 # SPDX-License-Identifier: APACHE-2.0
-FROM docker.io/bitnami/minideb:bookworm
+FROM docker.io/bitnami/minideb:bookworm as builder
 ARG DOWNLOADS_URL="downloads.bitnami.com/files/stacksmith"
 ARG TARGETARCH
-LABEL com.vmware.cp.artifact.flavor="sha256:c50c90cfd9d12b445b011e6ad529f1ad3daea45c26d20b00732fae3cd71f6a83" \
+ENV OS_ARCH="${TARGETARCH:-amd64}"
      org.opencontainers.image.base.name="docker.io/bitnami/minideb:bookworm" \
      org.opencontainers.image.created="2025-03-15T21:23:59Z" \
      org.opencontainers.image.description="Application packaged by Broadcom, Inc." \
      org.opencontainers.image.documentation="https://github.com/bitnami/containers/tree/main/bitnami/trivy/README.md" \
      org.opencontainers.image.ref.name="0.60.0-debian-12-r1" \
      org.opencontainers.image.source="https://github.com/bitnami/containers/tree/main/bitnami/trivy" \
      org.opencontainers.image.title="trivy" \
      org.opencontainers.image.vendor="Broadcom, Inc." \
      org.opencontainers.image.version="0.60.0"
 ENV HOME="/" \
    OS_ARCH="${TARGETARCH:-amd64}" \
    OS_FLAVOUR="debian-12" \
    OS_NAME="linux"
 COPY prebuildfs /
 SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"]
 # Install required system packages and dependencies
-RUN install_packages ca-certificates curl procps
+RUN install_packages ca-certificates curl
 RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \
    COMPONENTS=( \
-      "trivy-0.60.0-0-linux-${OS_ARCH}-debian-12" \
+      "trivy-0.60.0-1-linux-${OS_ARCH}-debian-12" \
    ) ; \
    for COMPONENT in "${COMPONENTS[@]}"; do \
      if [ ! -f "${COMPONENT}.tar.gz" ]; then \
@@ -39,17 +26,39 @@ RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \
      tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner --wildcards '*/files' ; \
      rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \
    done
-RUN apt-get autoremove --purge -y curl && \
+RUN mkdir -p /opt/bitnami/rootfs/.cache && chmod g+rwX /opt/bitnami/rootfs/.cache
-    apt-get update && apt-get upgrade -y && \
+RUN mkdir -p /opt/bitnami/rootfs/tmp && chmod g+rwX /opt/bitnami/rootfs/tmp
-    apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives
+
-RUN chmod g+rwX /opt/bitnami
+######
-RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true
+
-RUN mkdir /.cache && chmod g+rwX /.cache
+FROM scratch
 ARG DOWNLOADS_URL="downloads.bitnami.com/files/stacksmith"
 ARG TARGETARCH
 ENV OS_ARCH="${TARGETARCH:-amd64}"
 LABEL com.vmware.cp.artifact.flavor="sha256:c50c90cfd9d12b445b011e6ad529f1ad3daea45c26d20b00732fae3cd71f6a83" \
      org.opencontainers.image.base.name="scratch" \
      org.opencontainers.image.created="2025-03-19T15:51:27Z" \
      org.opencontainers.image.description="Application packaged by Broadcom, Inc." \
      org.opencontainers.image.ref.name="0.60.0-debian-12-r2" \
      org.opencontainers.image.title="trivy" \
      org.opencontainers.image.vendor="Broadcom, Inc." \
      org.opencontainers.image.version="0.60.0"
 COPY rootfs /
 COPY --from=builder /opt/bitnami/rootfs /
 COPY --from=builder /opt/bitnami/trivy/.spdx-trivy.spdx /opt/bitnami/trivy/.spdx-trivy.spdx
 COPY --from=builder /opt/bitnami/trivy/bin/trivy /opt/bitnami/trivy/bin/trivy
 COPY --from=builder /opt/bitnami/trivy/licenses /opt/bitnami/trivy/licenses
 ENV APP_VERSION="0.60.0" \
    BITNAMI_APP_NAME="trivy" \
    PATH="/opt/bitnami/trivy/bin:$PATH"
 USER 1001
 ENTRYPOINT [ "trivy" ]
 CMD [ "--help" ]
--- a/bitnami/trivy/0/debian-12/prebuildfs/opt/bitnami/.bitnami_components.json
+++ b/bitnami/trivy/0/debian-12/prebuildfs/opt/bitnami/.bitnami_components.json
@@ -3,6 +3,6 @@
        "arch": "amd64",
        "distro": "debian-12",
        "type": "NAMI",
-        "version": "0.60.0-0"
+        "version": "0.60.0-1"
    }
 }
--- a/bitnami/trivy/0/debian-12/rootfs/etc/ssl/certs/ca-certificates.crt
+++ b/bitnami/trivy/0/debian-12/rootfs/etc/ssl/certs/ca-certificates.crt
--- a/bitnami/trivy/README.md
+++ b/bitnami/trivy/README.md
@@ -78,6 +78,10 @@ Check the [official Trivy documentation](https://github.com/aquasecurity/trivy#u
 ## Notable Changes
 ### 0.60.0-debian-12-r2
 * This image revision dramatically reduces the image given it removes the existing OS distro. Instead, it simply includes the NATS binary on top of a scratch base image.
 ### Starting January 16, 2024
 * The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes.