From 1da065b47401a1e7089461aeb27ba2af30b15c98 Mon Sep 17 00:00:00 2001
From: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
Date: Wed, 23 Oct 2024 15:00:25 +0900
Subject: [PATCH] An initial support of Trivy plugin mode

Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
---
 Makefile    | 17 +++++++++++++----
 plugin.yaml | 30 ++++++++++++++++++++++++++++++
 2 files changed, 43 insertions(+), 4 deletions(-)
 create mode 100644 plugin.yaml

diff --git a/Makefile b/Makefile
index 023e4ce..f29061a 100644
--- a/Makefile
+++ b/Makefile
@@ -38,14 +38,23 @@ uninstall:
 clean:
 	rm -rf _output _artifacts
 
+define make_artifact
+	rm -rf _output
+	GOOS=$(1) GOARCH=$(2) make binaries
+	(cd _output/bin; tar --sort=name --mtime="@${SOURCE_DATE_EPOCH}" \
+		--owner=0 --group=0 --numeric-owner \
+		--pax-option=exthdr.name=%d/PaxHeaders/%f,delete=atime,delete=ctime \
+		-czvf ../../_artifacts/vexllm-$(VERSION).$(1)-$(2).tar.gz .)
+endef
+
 .PHONY: artifacts
 artifacts:
 	rm -rf _artifacts
 	mkdir -p _artifacts
-	GOOS=linux  GOARCH=amd64            $(GO_BUILD) -o _artifacts/vexllm-$(VERSION).linux-amd64   ./cmd/vexllm
-	GOOS=linux  GOARCH=arm64            $(GO_BUILD) -o _artifacts/vexllm-$(VERSION).linux-arm64   ./cmd/vexllm
-	GOOS=darwin GOARCH=amd64            $(GO_BUILD) -o _artifacts/vexllm-$(VERSION).darwin-amd64  ./cmd/vexllm
-	GOOS=darwin GOARCH=arm64            $(GO_BUILD) -o _artifacts/vexllm-$(VERSION).darwin-arm64  ./cmd/vexllm
+	$(call make_artifact,linux,amd64)
+	$(call make_artifact,linux,arm64)
+	$(call make_artifact,darwin,amd64)
+	$(call make_artifact,darwin,arm64)
 	(cd _artifacts ; sha256sum *) > SHA256SUMS
 	mv SHA256SUMS _artifacts/SHA256SUMS
 	touch -d @$(SOURCE_DATE_EPOCH) _artifacts/*
diff --git a/plugin.yaml b/plugin.yaml
new file mode 100644
index 0000000..8574858
--- /dev/null
+++ b/plugin.yaml
@@ -0,0 +1,30 @@
+# Trivy plugin manifest <https://aquasecurity.github.io/trivy/v0.56/docs/plugin/developer-guide/>
+name: "vexllm"
+version: "0.1.0-beta.0"
+repository: github.com/AkihiroSuda/vexllm
+maintainer: AkihiroSuda
+# TODO: support output mode
+summary: Silence negligible CVE alerts using LLM
+description: |-
+  A Trivy plugin that silences negligible CVE alerts using LLM.
+platforms:
+  - selector:
+      os: darwin
+      arch: amd64
+    uri: https://github.com/AkihiroSuda/vexllm/releases/download/v0.1.0-beta.0/vexllm-v0.1.0-beta.0.darwin-amd64.tar.gz
+    bin: ./vexllm
+  - selector:
+      os: darwin
+      arch: arm64
+    uri: https://github.com/AkihiroSuda/vexllm/releases/download/v0.1.0-beta.0/vexllm-v0.1.0-beta.0.darwin-arm64.tar.gz
+    bin: ./vexllm
+  - selector:
+      os: linux
+      arch: amd64
+    uri: https://github.com/AkihiroSuda/vexllm/releases/download/v0.1.0-beta.0/vexllm-v0.1.0-beta.0.linux-amd64.tar.gz
+    bin: ./vexllm
+  - selector:
+      os: linux
+      arch: arm64
+    uri: https://github.com/AkihiroSuda/vexllm/releases/download/v0.1.0-beta.0/vexllm-v0.1.0-beta.0.linux-arm64.tar.gz
+    bin: ./vexllm