From 63a98503e02103672991de314b30ee987a81b729 Mon Sep 17 00:00:00 2001
From: Bertrand Goareguer <bertrand.goareguer@gmail.com>
Date: Thu, 18 Jan 2024 08:45:47 +0000
Subject: [PATCH] fix: Resolve "Syft packages is now deprecated"

---
 README.md                      | 2 +-
 kicker.json                    | 2 +-
 templates/gitlab-ci-docker.yml | 4 ++--
 3 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/README.md b/README.md
index 3a1acc1..ad46285 100644
--- a/README.md
+++ b/README.md
@@ -398,7 +398,7 @@ It is bound to the `package-test` stage, and uses the following variables:
 | --------------------- | -------------------------------------- | ----------------- |
 | `DOCKER_SBOM_DISABLED` | Set to `true` to disable this job | _none_ |
 | `DOCKER_SBOM_IMAGE` | The docker image used to emit SBOM | `registry.hub.docker.com/anchore/syft:debug` |
-| `DOCKER_SBOM_OPTS` | Options for syft used for SBOM analysis | `--catalogers rpm-db-cataloger,alpm-db-cataloger,apk-db-cataloger,dpkg-db-cataloger,portage-cataloger,alpmdb-cataloger,apkdb-cataloger,dpkgdb-cataloger` |
+| `DOCKER_SBOM_OPTS` | Options for syft used for SBOM analysis | `--override-default-catalogers rpm-db-cataloger,alpm-db-cataloger,apk-db-cataloger,dpkg-db-cataloger,portage-cataloger` |
 
 ### `docker-publish` job
 
diff --git a/kicker.json b/kicker.json
index 3f43e30..39dccad 100644
--- a/kicker.json
+++ b/kicker.json
@@ -210,7 +210,7 @@
         {
           "name": "DOCKER_SBOM_OPTS",
           "description": "Options for syft used for SBOM analysis",
-          "default": "--catalogers rpm-db-cataloger,alpm-db-cataloger,apk-db-cataloger,dpkg-db-cataloger,portage-cataloger,alpmdb-cataloger,apkdb-cataloger,dpkgdb-cataloger",
+          "default": "--override-default-catalogers rpm-db-cataloger,alpm-db-cataloger,apk-db-cataloger,dpkg-db-cataloger,portage-cataloger",
           "advanced": true
         }
       ]
diff --git a/templates/gitlab-ci-docker.yml b/templates/gitlab-ci-docker.yml
index a8c762f..fb0990f 100644
--- a/templates/gitlab-ci-docker.yml
+++ b/templates/gitlab-ci-docker.yml
@@ -86,7 +86,7 @@ variables:
 
   # SBOM genenration image and arguments
   DOCKER_SBOM_IMAGE: "registry.hub.docker.com/anchore/syft:debug"
-  DOCKER_SBOM_OPTS: "--catalogers rpm-db-cataloger,alpm-db-cataloger,apk-db-cataloger,dpkg-db-cataloger,portage-cataloger,alpmdb-cataloger,apkdb-cataloger,dpkgdb-cataloger"
+  DOCKER_SBOM_OPTS: "--override-default-catalogers rpm-db-cataloger,alpm-db-cataloger,apk-db-cataloger,dpkg-db-cataloger,portage-cataloger"
 
   # default: one-click publish
   DOCKER_PROD_PUBLISH_STRATEGY: manual
@@ -803,7 +803,7 @@ docker-sbom:
   script:
     - mkdir -p -m 777 reports
     - basename=$(echo "${DOCKER_SNAPSHOT_IMAGE}" | sed 's|[/:]|_|g')
-    - /syft packages ${TRACE+-vv} $DOCKER_SNAPSHOT_IMAGE $DOCKER_SBOM_OPTS -o cyclonedx-json=reports/docker-sbom-${basename}.cyclonedx.json
+    - /syft scan ${TRACE+-vv} $DOCKER_SNAPSHOT_IMAGE $DOCKER_SBOM_OPTS -o cyclonedx-json=reports/docker-sbom-${basename}.cyclonedx.json
     - chmod a+r reports/docker-sbom-${basename}.cyclonedx.json
   artifacts:
     name: "SBOM for docker from $CI_PROJECT_NAME on $CI_COMMIT_REF_SLUG"
-- 
GitLab