Skip to content
New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

#

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Jump to bottom

Add support for dnf packages #2758

Closed
fmenezes opened this issue Apr 8, 2024 · 1 comment
Closed

Add support for dnf packages #2758

fmenezes opened this issue Apr 8, 2024 · 1 comment
Labels
enhancement New feature or request

Comments

@fmenezes
Copy link

fmenezes commented Apr 8, 2024
edited
Loading

What would you like to be added:
Cataloging of dnf packages (similar to dpkg or rpm catalogers)

Why is this needed:
We are missing OS level packages for dnf systems (like redhat)

Additional context:
I've published this Dockerfile into mongodb/apix_test:sbomtest

FROM redhat/ubi9
RUN echo -e '[mongodb-org-7.0]\n\
name=MongoDB Repository\n\
baseurl=https://repo.mongodb.org/yum/redhat/9/mongodb-org/7.0/$basearch/\n\
gpgcheck=1\n\
enabled=1\n\
gpgkey=https://pgp.mongodb.com/server-7.0.asc\n' > /etc/yum.repos.d/mongodb-org-7.0.repo && mkdir -p /data/db && dnf update -y && dnf install -y mongodb-org-server-7.0.8 && dnf clean all
CMD mongod

if I run syft mongodb/apix_test:sbomtest I see no mention of mongodb-org-server-7.0.8 package or mongod binary in the report.
@fmenezes fmenezes added the enhancement New feature or request label Apr 8, 2024
@fmenezes fmenezes changed the title dnf packages Add support for dnf packages Apr 8, 2024
@fmenezes
Copy link
Author

fmenezes commented Apr 8, 2024
edited
Loading

Looks like this is indeed working.

There is a difference in version between docker sbom mongodb/apix_test:sbomtest and syft mongodb/apix_test:sbomtest, the syft version seems old in docker cli.

Apologies for the noise.

@fmenezes fmenezes closed this as completed Apr 8, 2024
@github-project-automation github-project-automation bot moved this to Done in OSS Apr 8, 2024
@BrewTestBot BrewTestBot mentioned this issue Apr 12, 2024
Merged
# for free to join this conversation on GitHub. Already have an account? # to comment
Assignees
No one assigned
Labels
enhancement New feature or request
Projects
OSS
Archived in project
Milestone
No milestone
Development

No branches or pull requests
1 participant
@fmenezes