From 1bcf9d0e8ecf66f4ab96a0b98c44dcb9c1875bf5 Mon Sep 17 00:00:00 2001
From: Ariadne Conill <ariadne@dereferenced.org>
Date: Tue, 29 Jun 2021 16:33:14 -0600
Subject: [PATCH] update to secfixes-tracker 0.3.3, configure security
 rejections feed

---
 config/prod.settings.py               | 11 +++++++++++
 docker-compose.yml                    |  2 +-
 overlay/usr/local/bin/update-secfixes |  1 +
 3 files changed, 13 insertions(+), 1 deletion(-)

diff --git a/config/prod.settings.py b/config/prod.settings.py
index 6153e6f..05bee90 100644
--- a/config/prod.settings.py
+++ b/config/prod.settings.py
@@ -24,6 +24,17 @@ APKINDEX_REPOSITORIES = {
     "3.11-main": "https://dl-cdn.alpinelinux.org/alpine/v3.11/main/x86_64/APKINDEX.tar.gz",
 }
 
+# repo -> uri
+SECURITY_REJECTIONS = {
+    "edge-main": "https://gitlab.alpinelinux.org/kaniini/security-rejections/-/raw/master/main.yaml",
+    "edge-community": "https://gitlab.alpinelinux.org/kaniini/security-rejections/-/raw/master/community.yaml",
+    "3.14-main": "https://gitlab.alpinelinux.org/kaniini/security-rejections/-/raw/master/main.yaml",
+    "3.14-community": "https://gitlab.alpinelinux.org/kaniini/security-rejections/-/raw/master/community.yaml",
+    "3.13-main": "https://gitlab.alpinelinux.org/kaniini/security-rejections/-/raw/master/main.yaml",
+    "3.12-main": "https://gitlab.alpinelinux.org/kaniini/security-rejections/-/raw/master/main.yaml",
+    "3.11-main": "https://gitlab.alpinelinux.org/kaniini/security-rejections/-/raw/master/main.yaml",
+}
+
 PACKAGE_EXCLUSIONS = [
     "alpine-base",
     "build-base",
diff --git a/docker-compose.yml b/docker-compose.yml
index aa71ace..1c0378b 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -15,7 +15,7 @@ services:
     build:
       context: .
       args:
-        - SECFIXES_TRACKER_VERSION=0.3.2
+        - SECFIXES_TRACKER_VERSION=0.3.3
     ports:
       - 8080
   crond:
diff --git a/overlay/usr/local/bin/update-secfixes b/overlay/usr/local/bin/update-secfixes
index 058007e..773f69f 100755
--- a/overlay/usr/local/bin/update-secfixes
+++ b/overlay/usr/local/bin/update-secfixes
@@ -10,6 +10,7 @@ cd /home/python/secfixes-tracker
 flask import-nvd recent&
 flask import-apkindex&
 flask import-secfixes&
+flask import-rejections&
 
 wait
 
-- 
GitLab