%define _build_id_links none
%global debug_package %{nil}

Name:           grype
Version:        0.87.0
Release:        1%{?dist}
Summary:        A CLI vulnerability scanner for container images and filesystems

License:        Apache-2.0

URL:            https://github.com/anchore/grype/releases
Source0:        https://github.com/anchore/grype/releases/download/v%{version}/%{name}_%{version}_linux_amd64.tar.gz
Source1:        https://github.com/anchore/grype/releases/download/v%{version}/%{name}_%{version}_checksums.txt

BuildRequires: coreutils
BuildRequires: wget

%description
Grype is a CLI vulnerability scanner for container images and filesystems.
Works with Syft, the powerful SBOM (software bill of materials) tool for container images and filesystems.

%prep
# Some architecture replacements (equal "replacements" included to remind myself that I didn't forget them)
ARCH=%{_arch}
ARCH=${ARCH/x86_64/amd64}
ARCH=${ARCH/aarch64/arm64}
ARCH=${ARCH/ppc64le/ppc64le}
ARCH=${ARCH/s390x/s390x}

wget https://github.com/anchore/grype/releases/download/v%{version}/grype_%{version}_linux_$ARCH.tar.gz
wget https://github.com/anchore/grype/releases/download/v%{version}/grype_%{version}_checksums.txt

pushd %{_sourcedir}
sha256sum --ignore-missing -c grype_%{version}_checksums.txt
popd

tar -xzf grype_%{version}_linux_$ARCH.tar.gz

%autosetup -c

%install
mkdir -p %{buildroot}/%{_bindir}
%{__install} -m 755 %{name} %{buildroot}/%{_bindir}/%{name}

%files
%{_bindir}/%{name}

%doc README.md
%license LICENSE

%changelog
* Thu Jan 23 2025 Christian Vonderstein <copr234@vonderste.in> - 0.87.0-1
- Initial packaging for grype 0.87.0