Remove manual SBOMs

Syft is now detecting OpenSSL and Erlanf binaries and rabbitmq erlang package

Author: LaurentGoderre

.gitignore

@@ -1,2 +1 @@
 .jq-template.awk
-.template-helper-functions.jq

3.12/alpine/Dockerfile

@@ -1,5 +1,4 @@
 # Alpine Linux is not officially supported by the RabbitMQ team -- use at your own risk!
-{{ include ".template-helper-functions" }}
 FROM alpine:{{ .alpine.version }} as build-base
 
 RUN apk add --no-cache \
@@ -235,34 +234,7 @@ ENV ERLANG_INSTALL_PATH_PREFIX /opt/erlang
 ENV OPENSSL_INSTALL_PATH_PREFIX /opt/openssl
 
 COPY --from=erlang-builder $ERLANG_INSTALL_PATH_PREFIX $ERLANG_INSTALL_PATH_PREFIX
-RUN echo '{{
-		{
-			name: "erlang",
-			version: .otp.version,
-			params: {
-				os_name: "alpine",
-				os_version: .alpine.version
-			},
-			licenses: [
-				"Apache-2.0"
-			]
-		} | sbom | tostring
-	}}' > $ERLANG_INSTALL_PATH_PREFIX/erlang.spdx.json
-
 COPY --from=openssl-builder $OPENSSL_INSTALL_PATH_PREFIX $OPENSSL_INSTALL_PATH_PREFIX
-RUN echo '{{
-		{
-			name: "openssl",
-			version: .openssl.version,
-			params: {
-				os_name: "alpine",
-				os_version: .alpine.version
-			},
-			licenses: [
-				"Apache-2.0"
-			]
-		} | sbom | tostring
-	}}' > $OPENSSL_INSTALL_PATH_PREFIX/openssl.spdx.json
 
 ENV PATH $ERLANG_INSTALL_PATH_PREFIX/bin:$OPENSSL_INSTALL_PATH_PREFIX/bin:$PATH
 
@@ -361,22 +333,7 @@ RUN set -eux; \
 	su-exec rabbitmq rabbitmqctl list_ciphers; \
 	su-exec rabbitmq rabbitmq-plugins list; \
 # no stale cookies
-	rm "$RABBITMQ_DATA_DIR/.erlang.cookie";\
-	\
-	echo '{{
-		{
-			name: "rabbitmq",
-			version: .version,
-			params: {
-				os_name: "alpine",
-				os_version: .alpine.version
-			},
-			licenses: [
-				"MPL-2.0",
-				"Apache-2.0"
-			]
-		} | sbom | tostring
-	}}' > $RABBITMQ_HOME/rabbitmq.spdx.json;
+	rm "$RABBITMQ_DATA_DIR/.erlang.cookie"
 
 # Enable Prometheus-style metrics by default (https://github.com/docker-library/rabbitmq/issues/419)
 RUN su-exec rabbitmq rabbitmq-plugins enable --offline rabbitmq_prometheus

3.12/ubuntu/Dockerfile

@@ -1,6 +1,5 @@
 # The official Canonical Ubuntu Focal image is ideal from a security perspective,
 # especially for the enterprises that we, the RabbitMQ team, have to deal with
-{{ include ".template-helper-functions" }}
 FROM ubuntu:{{ .ubuntu.version }} as build-base
 
 ARG BUILDKIT_SBOM_SCAN_STAGE=true
@@ -234,34 +233,7 @@ FROM ubuntu:{{ .ubuntu.version }}
 ENV ERLANG_INSTALL_PATH_PREFIX /opt/erlang
 ENV OPENSSL_INSTALL_PATH_PREFIX /opt/openssl
 COPY --from=erlang-builder $ERLANG_INSTALL_PATH_PREFIX $ERLANG_INSTALL_PATH_PREFIX
-RUN echo '{{
-		{
-			name: "erlang",
-			version: .otp.version,
-			params: {
-				os_name: "ubuntu",
-				os_version: .ubuntu.version
-			},
-			licenses: [
-				"Apache-2.0"
-			]
-		} | sbom | tostring
-	}}' > $ERLANG_INSTALL_PATH_PREFIX/erlang.spdx.json
-
 COPY --from=openssl-builder $OPENSSL_INSTALL_PATH_PREFIX $OPENSSL_INSTALL_PATH_PREFIX
-RUN echo '{{
-		{
-			name: "openssl",
-			version: .openssl.version,
-			params: {
-				os_name: "ubuntu",
-				os_version: .ubuntu.version
-			},
-			licenses: [
-				"Apache-2.0"
-			]
-		} | sbom | tostring
-	}}' > $OPENSSL_INSTALL_PATH_PREFIX/openssl.spdx.json
 
 ENV PATH $ERLANG_INSTALL_PATH_PREFIX/bin:$OPENSSL_INSTALL_PATH_PREFIX/bin:$PATH
 
@@ -355,22 +327,7 @@ RUN set -eux; \
 	gosu rabbitmq rabbitmqctl list_ciphers; \
 	gosu rabbitmq rabbitmq-plugins list; \
 # no stale cookies
-	rm "$RABBITMQ_DATA_DIR/.erlang.cookie"; \
-	\
-	echo '{{
-			{
-				name: "rabbitmq",
-				version: .version,
-				params: {
-					os_name: "ubuntu",
-					os_version: .ubuntu.version
-				},
-				licenses: [
-					"MPL-2.0",
-					"Apache-2.0"
-				]
-			} | sbom | tostring
-		}}' > $RABBITMQ_HOME/rabbitmq.spdx.json
+	rm "$RABBITMQ_DATA_DIR/.erlang.cookie"
 
 # Enable Prometheus-style metrics by default (https://github.com/docker-library/rabbitmq/issues/419)
 RUN gosu rabbitmq rabbitmq-plugins enable --offline rabbitmq_prometheus

3.13/alpine/Dockerfile

@@ -13,14 +13,6 @@ elif [ "$BASH_SOURCE" -nt "$jqt" ]; then
 	wget -qO "$jqt" 'https://github.com/docker-library/bashbrew/raw/9f6a35772ac863a0241f147c820354e4008edf38/scripts/jq-template.awk'
 fi
 
-jqf='.template-helper-functions.jq'
-if [ -n "${BASHBREW_SCRIPTS:-}" ]; then
-	jqf="$BASHBREW_SCRIPTS/template-helper-functions.jq"
-elif [ "$BASH_SOURCE" -nt "$jqf" ]; then
-	# https://github.com/docker-library/bashbrew/blob/master/scripts/template-helper-functions.jq
-	wget -qO "$jqf" 'https://github.com/docker-library/bashbrew/raw/5a86c34c5a3ef370b3d22c398d45ccab53bd64bd/scripts/template-helper-functions.jq'
-fi
-
 if [ "$#" -eq 0 ]; then
 	versions="$(jq -r 'keys | map(@sh) | join(" ")' versions.json)"
 	eval "set -- $versions"