From 584591b6d5d7b19fd827f9c6ee1ee428b3609b38 Mon Sep 17 00:00:00 2001
From: Guillaume Lours <guillaume.lours@docker.com>
Date: Fri, 18 Dec 2020 10:26:18 +0100
Subject: [PATCH 1/3] Add installer for docker scan

Signed-off-by: Guillaume Lours <guillaume.lours@docker.com>
---
 plugins/scan.installer | 31 +++++++++++++++++++++++++++++++
 1 file changed, 31 insertions(+)
 create mode 100644 plugins/scan.installer

diff --git a/plugins/scan.installer b/plugins/scan.installer
new file mode 100644
index 0000000000..d63b191ace
--- /dev/null
+++ b/plugins/scan.installer
@@ -0,0 +1,31 @@
+#!/usr/bin/env bash
+
+set -e
+
+source "$(dirname "$0")/.common"
+PKG=github.com/docker/scan-cli-plugin
+GOPATH=$(go env GOPATH)
+REPO=https://${PKG}.git
+COMMIT=v0.7.0
+DEST=${GOPATH}/src/${PKG}
+
+build() {
+    if [ ! -d "${DEST}" ]; then
+        git clone "${REPO}" "${DEST}"
+    fi
+    (
+        cd "${DEST}"
+        git fetch --all
+        git checkout -q "${COMMIT}"
+        PLATFORM_BINARY=docker-scan make native-build
+    )
+}
+
+install_plugin() {
+    (
+        cd "${DEST}"
+        install_binary bin/docker-scan
+    )
+}
+
+build_or_install "$@"

From e679208a488911b004b0e2355940b3cd112af4ed Mon Sep 17 00:00:00 2001
From: Guillaume Tardif <guillaume.tardif@gmail.com>
Date: Wed, 24 Mar 2021 10:17:28 +0100
Subject: [PATCH 2/3] Use goproxy to make go mode download work on centos7 (old
 git version)

Alternative solution was to update git on centos7 in /rpm/SPEC/docker-ce-cli.spec:
```
if [ "$SUITE" == "7" ]; then
    yum install -y http://opensource.wandisco.com/centos/7/git/x86_64/wandisco-git-release-7-2.noarch.rpm
    yum install -y git
fi
```

But rather not changing what is installed on the CEnTOS bistro for the entire CI pipeline

Signed-off-by: Guillaume Tardif <guillaume.tardif@gmail.com>
---
 plugins/scan.installer | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/plugins/scan.installer b/plugins/scan.installer
index d63b191ace..f3aa1b5c95 100644
--- a/plugins/scan.installer
+++ b/plugins/scan.installer
@@ -17,7 +17,11 @@ build() {
         cd "${DEST}"
         git fetch --all
         git checkout -q "${COMMIT}"
-        PLATFORM_BINARY=docker-scan make native-build
+        # TODO remove GOPROXY override once we updated to Go 1.14+
+        # Using goproxy instead of "direct" to work around an issue in go mod
+        # on Go 1.13 not working with older git versions (default version on
+        # CentOS 7 is git 1.8), see https://github.com/golang/go/issues/38373
+        GOPROXY="https://proxy.golang.org" PLATFORM_BINARY=docker-scan make native-build
     )
 }
 

From 291077248dad276b2b000849af2f3ad71e38955f Mon Sep 17 00:00:00 2001
From: Guillaume Tardif <guillaume.tardif@gmail.com>
Date: Thu, 25 Mar 2021 16:00:01 +0100
Subject: [PATCH 3/3] Do not include scan plugin on arm packages

Signed-off-by: Guillaume Tardif <guillaume.tardif@gmail.com>
---
 plugins/scan.installer | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

diff --git a/plugins/scan.installer b/plugins/scan.installer
index f3aa1b5c95..3660065f4d 100644
--- a/plugins/scan.installer
+++ b/plugins/scan.installer
@@ -32,4 +32,11 @@ install_plugin() {
     )
 }
 
-build_or_install "$@"
+case "$(uname -i)" in
+  aarch64)
+    echo "Skipping scan plugin on ARM arch";;
+  arm*)
+    echo "Skipping scan plugin on ARM arch";;
+  *)
+    build_or_install "$@";;
+esac