feat: add openSUSE tumbleweed detection and scanning

needs changes in trivy-db to go along from aquasecurity/trivy-db#411 to go along

aquasecurity/trivy-db#410

Author: msmeissn

docs/docs/coverage/os/index.md

@@ -22,6 +22,7 @@ Trivy supports operating systems for
 | [CBL-Mariner](cbl-mariner.md)        | 1.0, 2.0                            | dnf/yum/rpm      |
 | [Amazon Linux](amazon.md)            | 1, 2, 2023                          | dnf/yum/rpm      |
 | [openSUSE Leap](suse.md)             | 42, 15                              | zypper/rpm       |
+| [openSUSE Tumbleweed](suse.md)       | (n/a)                               | zypper/rpm       |
 | [SUSE Enterprise Linux](suse.md)     | 11, 12, 15                          | zypper/rpm       |
 | [Photon OS](photon.md)               | 1.0, 2.0, 3.0, 4.0                  | tndf/yum/rpm     |
 | [Debian GNU/Linux](debian.md)        | 7, 8, 9, 10, 11, 12                 | apt/dpkg         |

docs/docs/coverage/os/suse.md

@@ -2,6 +2,7 @@
 Trivy supports the following distributions:
 
 - openSUSE Leap
+- openSUSE Tumbleweed
 - SUSE Enterprise Linux (SLE)
 
 Please see [here](index.md#supported-os) for supported versions.
@@ -35,6 +36,6 @@ Trivy identifies licenses by examining the metadata of RPM packages.
 
 
 [dependency-graph]: ../../configuration/reporting.md#show-origins-of-vulnerable-dependencies
-[cvrf]: http://ftp.suse.com/pub/projects/security/cvrf/
+[cvrf]: https://ftp.suse.com/pub/projects/security/cvrf/
 
-[vulnerability statuses]: ../../configuration/filtering.md#by-status
+[vulnerability statuses]: ../../configuration/filtering.md#by-status

pkg/detector/ospkg/detect.go

@@ -40,6 +40,7 @@ var (
 		ftypes.CentOS:       redhat.NewScanner(),
 		ftypes.Rocky:        rocky.NewScanner(),
 		ftypes.Oracle:       oracle.NewScanner(),
+		ftypes.OpenSUSETumbleweed: suse.NewScanner(suse.OpenSUSETumbleweed),
 		ftypes.OpenSUSELeap: suse.NewScanner(suse.OpenSUSE),
 		ftypes.SLES:         suse.NewScanner(suse.SUSEEnterpriseLinux),
 		ftypes.Photon:       photon.NewScanner(),

pkg/detector/ospkg/suse/suse.go

@@ -66,6 +66,7 @@ const (
 	SUSEEnterpriseLinux Type = iota
 	// OpenSUSE for open versions
 	OpenSUSE
+	OpenSUSETumbleweed
 )
 
 // Scanner implements the SUSE scanner
@@ -84,6 +85,10 @@ func NewScanner(t Type) *Scanner {
 		return &Scanner{
 			vs: susecvrf.NewVulnSrc(susecvrf.OpenSUSE),
 		}
+	case OpenSUSETumbleweed:
+		return &Scanner{
+			vs: susecvrf.NewVulnSrc(susecvrf.OpenSUSETumbleweed),
+		}
 	}
 	return nil
 }
@@ -128,5 +133,9 @@ func (s *Scanner) IsSupportedVersion(ctx context.Context, osFamily ftypes.OSType
 	if osFamily == ftypes.SLES {
 		return osver.Supported(ctx, slesEolDates, osFamily, osVer)
 	}
+	// tumbleweed is a rolling release, it has no version and no eol
+	if osFamily == ftypes.OpenSUSETumbleweed {
+		return true
+	}
 	return osver.Supported(ctx, opensuseEolDates, osFamily, osVer)
 }