diff --git a/Dockerfile b/Dockerfile deleted file mode 100644 index 65645068..00000000 --- a/Dockerfile +++ /dev/null @@ -1,14 +0,0 @@ -FROM golang:1.17-alpine as builder - -ARG DB_TYPE=trivy - -WORKDIR /build -COPY . /build -SHELL ["/bin/sh", "-o", "pipefail", "-c"] - -RUN apk --no-cache add make gzip - -RUN DB_TYPE=${DB_TYPE} make db-all - -FROM scratch -COPY --from=builder /build/assets/trivy*.db.gz . diff --git a/README.md b/README.md index e07070a1..2687e804 100644 --- a/README.md +++ b/README.md @@ -49,11 +49,22 @@ GLOBAL OPTIONS: ``` ### Building the DB -You can utilize `make db-all` to build the database, the DB artifact is outputted to the assets folder. - -Alternatively Docker is supported, you can run `docker build . -t trivy-db`. +To build trivy-db locally, you can use the following order of commands from the Makefile: +```bash +make db-fetch-langs db-fetch-vuln-list // To download all advisories and other required files (`./cache` dir by default) +make build // Build `trivy-db` binary +make db-build // Build database (`./out` dir by default) +make db-compact // Compact database (`./assets` dir by default) +make db-compress // Compress database into `db.tar.gz` file +``` -If you want to build a trivy integration test DB, please run `make create-test-db` +To build trivy-db image and push into registry, you need to use [Oras CLI](https://oras.land/cli/). +For example for `ghcr`: +```bash +./oras push --artifact-type application/vnd.aquasec.trivy.config.v1+json \ +"ghcr.io/aquasecurity/trivy-db:2" \ +db.tar.gz:application/vnd.aquasec.trivy.db.layer.v1.tar+gzip +``` ## Update interval Trivy DB is built every 6 hours.