docker: switch to go secdb implementation

Build the go secdb application and adopt generate_secdb.sh to run it.

Dockerfile

-FROM alpinelinux/mqtt-exec
+FROM alpinelinux/golang as build
 
-ENV NQDIR=/tmp
+COPY --chown=build:build src /home/build/src
+
+WORKDIR /home/build/src
+
+RUN go build -v secdb
 
-RUN apk --no-cache add lua5.3 lua5.3-lyaml lua5.3-optarg lua5.3-cjson nq git
+FROM alpinelinux/mqtt-exec
+
+RUN apk --no-cache add nq git
 
+COPY --from=build /home/build/src/secdb /usr/local/bin/secdb
 COPY scripts /usr/local/bin
 
+ENV NQDIR=/tmp
+
 CMD [ "/usr/bin/nq", "-c", "generate_secdb.sh" ]

scripts/generate_secdb.sh

@@ -6,7 +6,8 @@ REPOS="main community"
 BRANCH=${1##*/}
 
 case $BRANCH in
-	master|commits) exit 0 ;;
+	commits) exit 0 ;;
+	master) RELEASE=edge;;
 	*-stable) RELEASE=v${BRANCH/-stable/} ;;
 	*) echo "unknown branch: \"$BRANCH\"" ; exit 1 ;;
 esac
@@ -26,15 +27,17 @@ for REPO in $REPOS; do
 	fi
 	echo "Generating secdb for $RELEASE/$REPO"
 	TMPFILE=$(mktemp)
-	secfixes.lua \
+	secdb \
 		--repo "$REPO" --release "$RELEASE" \
-		"$HOME"/aports/"$REPO"/*/APKBUILD > "$TMPFILE"
-	if cmp -s "$TMPFILE" /var/www/html/"$RELEASE"/"$REPO".yaml; then
+		-outYaml "$TMPFILE".yaml \
+		-outJson "$TMPFILE".json \
+		"$HOME"/aports/"$REPO"/*/APKBUILD
+	if cmp -s "$TMPFILE".yaml /var/www/html/"$RELEASE"/"$REPO".yaml; then
 		echo "No changes found yml secfixes, skipping."
 	else
-		secfixes.lua --verify "$TMPFILE"
-		install -D "$TMPFILE" /var/www/html/"$RELEASE"/"$REPO".yaml
-		yaml2json.lua "$TMPFILE" > /var/www/html/"$RELEASE"/"$REPO".json
+		for ext in yaml json; do
+			install -D "$TMPFILE.$ext" /var/www/html/"$RELEASE/$REPO.$ext"
+		done
 	fi
-	rm -f "$TMPFILE"
+	rm -f "$TMPFILE.yaml" "$TMPFILE.json"
 done