From e17e361ed4815ac4001cb81f6848a730600ddb62 Mon Sep 17 00:00:00 2001
From: prabhu <prabhu@appthreat.com>
Date: Sat, 26 Oct 2024 00:00:10 +0100
Subject: [PATCH] Arm32 package (#25)

* Arm32 package

Signed-off-by: Prabhu Subramanian <prabhu@appthreat.com>

---------

Signed-off-by: Prabhu Subramanian <prabhu@appthreat.com>
---
 .github/workflows/release.yml         | 15 ++++++------
 .github/workflows/test.yml            | 23 +++++-------------
 build.sh                              |  2 +-
 package-lock.json                     |  4 ++--
 package.json                          |  2 +-
 packages/darwin-amd64/package.json    |  2 +-
 packages/darwin-arm64/package.json    |  2 +-
 packages/linux-arm/build-linux-arm.sh | 17 ++++++++++++++
 packages/linux-arm/index.js           |  8 +++++++
 packages/linux-arm/package.json       | 34 +++++++++++++++++++++++++++
 packages/linux-arm/plugins/.gitignore |  6 +++++
 packages/linux-arm/plugins/.gitkeep   |  0
 packages/linux-arm/plugins/.npmignore |  0
 packages/linux-arm64/package.json     |  2 +-
 packages/ppc64/package.json           |  2 +-
 packages/windows-amd64/package.json   |  2 +-
 packages/windows-arm64/package.json   |  2 +-
 thirdparty/trivy/Makefile             |  2 +-
 18 files changed, 89 insertions(+), 36 deletions(-)
 create mode 100755 packages/linux-arm/build-linux-arm.sh
 create mode 100644 packages/linux-arm/index.js
 create mode 100644 packages/linux-arm/package.json
 create mode 100644 packages/linux-arm/plugins/.gitignore
 create mode 100644 packages/linux-arm/plugins/.gitkeep
 create mode 100644 packages/linux-arm/plugins/.npmignore

diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index 03f4374..17b623c 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -25,14 +25,6 @@ jobs:
       if: matrix.os == 'ubuntu-latest'
     - uses: oras-project/setup-oras@v1
     - run: oras version
-    - uses: actions/cache@v4
-      with:
-        path: |
-          ~/.cache/go-build
-          ~/go/pkg/mod
-        key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }}
-        restore-keys: |
-          ${{ runner.os }}-go-
     - name: Release
       run: |
         wget https://github.com/upx/upx/releases/download/v4.2.4/upx-4.2.4-amd64_linux.tar.xz
@@ -61,6 +53,13 @@ jobs:
         npm publish --access=public --@cyclonedx:registry='https://registry.npmjs.org'
         popd
 
+        pushd packages/linux-arm
+        echo "cyclonedx:registry=https://npm.pkg.github.com" > ~/.npmrc
+        npm publish --access=public --@cyclonedx:registry='https://npm.pkg.github.com'
+        echo "cyclonedx:registry=https://registry.npmjs.org" > ~/.npmrc
+        npm publish --access=public --@cyclonedx:registry='https://registry.npmjs.org'
+        popd
+
         pushd packages/windows-arm64
         echo "cyclonedx:registry=https://npm.pkg.github.com" > ~/.npmrc
         npm publish --access=public --@cyclonedx:registry='https://npm.pkg.github.com'
diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml
index fb6cd40..d961391 100644
--- a/.github/workflows/test.yml
+++ b/.github/workflows/test.yml
@@ -2,7 +2,9 @@ name: Build npm package
 
 on:
   pull_request:
-
+concurrency:
+  group: ${{ github.workflow }}-${{ github.head_ref || github.run_id }}
+  cancel-in-progress: true
 jobs:
   pkg:
     runs-on: ubuntu-latest
@@ -26,14 +28,6 @@ jobs:
       if: matrix.os == 'ubuntu-latest'
     - uses: oras-project/setup-oras@v1
     - run: oras version
-    - uses: actions/cache@v4
-      with:
-        path: |
-          ~/.cache/go-build
-          ~/go/pkg/mod
-        key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }}
-        restore-keys: |
-          ${{ runner.os }}-go-
     - name: Trim CI agent
       run: |
         chmod +x contrib/free_disk_space.sh
@@ -54,6 +48,9 @@ jobs:
         pushd packages/linux-arm64
         npm publish --dry-run
         popd
+        pushd packages/linux-arm
+        npm publish --dry-run
+        popd
         pushd packages/windows-arm64
         npm publish --dry-run
         popd
@@ -83,14 +80,6 @@ jobs:
     - uses: actions/setup-python@v5
       with:
         python-version: '3.11'
-    - uses: actions/cache@v4
-      with:
-        path: |
-          ~/.cache/go-build
-          ~/go/pkg/mod
-        key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }}
-        restore-keys: |
-          ${{ runner.os }}-go-
     - name: Build
       run: |
         .\build.ps1
diff --git a/build.sh b/build.sh
index 5eec3d3..ec61bf1 100755
--- a/build.sh
+++ b/build.sh
@@ -37,7 +37,7 @@ upx -9 --lzma ./plugins/trivy/trivy-cdxgen-linux-amd64
 ./plugins/trivy/trivy-cdxgen-linux-amd64 -v
 ./plugins/dosai/dosai-linux-amd64 --help
 
-for flavours in windows-amd64 linux-arm64 windows-arm64 darwin-arm64 darwin-amd64 ppc64
+for flavours in windows-amd64 linux-arm64 linux-arm windows-arm64 darwin-arm64 darwin-amd64 ppc64
 do
     chmod +x packages/$flavours/build-$flavours.sh
     pushd packages/$flavours
diff --git a/package-lock.json b/package-lock.json
index 446d3b5..98a3382 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -1,12 +1,12 @@
 {
   "name": "@cyclonedx/cdxgen-plugins-bin",
-  "version": "1.6.5",
+  "version": "1.6.6",
   "lockfileVersion": 3,
   "requires": true,
   "packages": {
     "": {
       "name": "@cyclonedx/cdxgen-plugins-bin",
-      "version": "1.6.5",
+      "version": "1.6.6",
       "cpu": [
         "x64"
       ],
diff --git a/package.json b/package.json
index a366549..160e16d 100644
--- a/package.json
+++ b/package.json
@@ -1,6 +1,6 @@
 {
   "name": "@cyclonedx/cdxgen-plugins-bin",
-  "version": "1.6.5",
+  "version": "1.6.6",
   "description": "Binary plugins to supercharge @cyclonedx/cdxgen npm package",
   "main": "index.js",
   "repository": {
diff --git a/packages/darwin-amd64/package.json b/packages/darwin-amd64/package.json
index 241dab0..2a96ce3 100644
--- a/packages/darwin-amd64/package.json
+++ b/packages/darwin-amd64/package.json
@@ -1,6 +1,6 @@
 {
   "name": "@cyclonedx/cdxgen-plugins-bin-darwin-amd64",
-  "version": "1.6.5",
+  "version": "1.6.6",
   "description": "Arm64 binary plugins to supercharge @cyclonedx/cdxgen npm package",
   "main": "index.js",
   "repository": {
diff --git a/packages/darwin-arm64/package.json b/packages/darwin-arm64/package.json
index 4d95ff3..66b0035 100644
--- a/packages/darwin-arm64/package.json
+++ b/packages/darwin-arm64/package.json
@@ -1,6 +1,6 @@
 {
   "name": "@cyclonedx/cdxgen-plugins-bin-darwin-arm64",
-  "version": "1.6.5",
+  "version": "1.6.6",
   "description": "Arm64 binary plugins to supercharge @cyclonedx/cdxgen npm package",
   "main": "index.js",
   "repository": {
diff --git a/packages/linux-arm/build-linux-arm.sh b/packages/linux-arm/build-linux-arm.sh
new file mode 100755
index 0000000..eb51cf3
--- /dev/null
+++ b/packages/linux-arm/build-linux-arm.sh
@@ -0,0 +1,17 @@
+#!/usr/bin/env bash
+
+rm -rf plugins/trivy
+rm -rf plugins/osquery
+rm -rf plugins/dosai
+mkdir -p plugins/osquery plugins/dosai
+
+curl -L https://github.com/owasp-dep-scan/dosai/releases/latest/download/Dosai-linux-arm -o plugins/dosai/dosai-linux-arm
+chmod +x plugins/dosai/dosai-linux-arm
+sha256sum plugins/dosai/dosai-linux-arm > plugins/dosai/dosai-linux-arm.sha256
+
+for plug in trivy
+do
+    mkdir -p plugins/$plug
+    mv ../../plugins/$plug/*linux-arm* plugins/$plug/
+    upx -9 --lzma plugins/$plug/*linux-arm* || true
+done
diff --git a/packages/linux-arm/index.js b/packages/linux-arm/index.js
new file mode 100644
index 0000000..8e8a0f2
--- /dev/null
+++ b/packages/linux-arm/index.js
@@ -0,0 +1,8 @@
+// Debug mode flag
+const DEBUG_MODE =
+  process.env.CDXGEN_DEBUG_MODE === "debug" ||
+  process.env.NODE_ENV === "development";
+
+if (DEBUG_MODE) {
+  console.log("cdxgen plugins check");
+}
diff --git a/packages/linux-arm/package.json b/packages/linux-arm/package.json
new file mode 100644
index 0000000..23bd8dd
--- /dev/null
+++ b/packages/linux-arm/package.json
@@ -0,0 +1,34 @@
+{
+  "name": "@cyclonedx/cdxgen-plugins-bin-arm",
+  "version": "1.6.6",
+  "description": "Arm binary plugins to supercharge @cyclonedx/cdxgen npm package",
+  "main": "index.js",
+  "repository": {
+    "type": "git",
+    "url": "git+https://github.com/cyclonedx/cdxgen-plugins-bin.git"
+  },
+  "keywords": [
+    "cdxgen",
+    "sbom",
+    "bom",
+    "plugins",
+    "dependency",
+    "appsec"
+  ],
+  "author": "Prabhu Subramanian <prabhu@appthreat.com>",
+  "license": "Apache-2.0",
+  "bugs": {
+    "url": "https://github.com/cyclonedx/cdxgen-plugins-bin/issues"
+  },
+  "homepage": "https://github.com/cyclonedx/cdxgen-plugins-bin#readme",
+  "files": [
+    "*.js",
+    "plugins/"
+  ],
+  "os": [
+    "linux"
+  ],
+  "cpu": [
+    "arm"
+  ]
+}
diff --git a/packages/linux-arm/plugins/.gitignore b/packages/linux-arm/plugins/.gitignore
new file mode 100644
index 0000000..d8c2cac
--- /dev/null
+++ b/packages/linux-arm/plugins/.gitignore
@@ -0,0 +1,6 @@
+goversion/
+trivy/
+cargo-auditable/
+osquery/
+dosai/
+sourcekitten/
diff --git a/packages/linux-arm/plugins/.gitkeep b/packages/linux-arm/plugins/.gitkeep
new file mode 100644
index 0000000..e69de29
diff --git a/packages/linux-arm/plugins/.npmignore b/packages/linux-arm/plugins/.npmignore
new file mode 100644
index 0000000..e69de29
diff --git a/packages/linux-arm64/package.json b/packages/linux-arm64/package.json
index 53d7d86..efb705c 100644
--- a/packages/linux-arm64/package.json
+++ b/packages/linux-arm64/package.json
@@ -1,6 +1,6 @@
 {
   "name": "@cyclonedx/cdxgen-plugins-bin-arm64",
-  "version": "1.6.5",
+  "version": "1.6.6",
   "description": "Arm64 binary plugins to supercharge @cyclonedx/cdxgen npm package",
   "main": "index.js",
   "repository": {
diff --git a/packages/ppc64/package.json b/packages/ppc64/package.json
index 29fbc6b..ca33d7b 100644
--- a/packages/ppc64/package.json
+++ b/packages/ppc64/package.json
@@ -1,6 +1,6 @@
 {
   "name": "@cyclonedx/cdxgen-plugins-bin-ppc64",
-  "version": "1.6.5",
+  "version": "1.6.6",
   "description": "ppc64 binary plugins to supercharge @cyclonedx/cdxgen npm package",
   "main": "index.js",
   "repository": {
diff --git a/packages/windows-amd64/package.json b/packages/windows-amd64/package.json
index 14fa7eb..65aa709 100644
--- a/packages/windows-amd64/package.json
+++ b/packages/windows-amd64/package.json
@@ -1,6 +1,6 @@
 {
   "name": "@cyclonedx/cdxgen-plugins-bin-windows-amd64",
-  "version": "1.6.5",
+  "version": "1.6.6",
   "description": "Windows amd64 binary plugins to supercharge @cyclonedx/cdxgen npm package",
   "main": "index.js",
   "repository": {
diff --git a/packages/windows-arm64/package.json b/packages/windows-arm64/package.json
index 78a57a4..b129c18 100644
--- a/packages/windows-arm64/package.json
+++ b/packages/windows-arm64/package.json
@@ -1,6 +1,6 @@
 {
   "name": "@cyclonedx/cdxgen-plugins-bin-windows-arm64",
-  "version": "1.6.5",
+  "version": "1.6.6",
   "description": "Arm64 binary plugins to supercharge @cyclonedx/cdxgen npm package",
   "main": "index.js",
   "repository": {
diff --git a/thirdparty/trivy/Makefile b/thirdparty/trivy/Makefile
index 0270e83..8a09529 100644
--- a/thirdparty/trivy/Makefile
+++ b/thirdparty/trivy/Makefile
@@ -12,7 +12,7 @@ all: windows linux darwin
 clean: rm -rf build/
 
 ##### LINUX BUILDS #####
-linux: build/linux_amd64 build/linux_arm64 build/linux_ppc64le
+linux: build/linux_amd64 build/linux_arm64 build/linux_arm build/linux_ppc64le
 
 build/linux_386: $(sources)
 	$(call build,linux,386,)