Movatterモバイル変換


[0]ホーム

URL:


Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

Sign up
Appearance settings

Commit7824a2f

Browse files
committed
fix: add continue-on-error to SBOM generation and force flag to cosign clean
Change-Id: Ide303c059b1a3d0e3fd77863310e99668325bc69Signed-off-by: Thomas Kosiewski <tk@coder.com>
1 parent0e878a8 commit7824a2f

File tree

2 files changed

+5
-3
lines changed

2 files changed

+5
-3
lines changed

‎.github/workflows/ci.yaml

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1182,6 +1182,7 @@ jobs:
11821182
11831183
-name:SBOM Generation and Attestation
11841184
if:github.ref == 'refs/heads/main'
1185+
continue-on-error:true
11851186
env:
11861187
COSIGN_EXPERIMENTAL:1
11871188
run:|
@@ -1200,7 +1201,7 @@ jobs:
12001201
syft "${IMAGE}" -o spdx-json > "${SBOM_FILE}"
12011202
12021203
echo "Attesting SBOM to image: ${IMAGE}"
1203-
cosign clean "${IMAGE}"
1204+
cosign clean--force=true"${IMAGE}"
12041205
cosign attest --type spdxjson \
12051206
--predicate "${SBOM_FILE}" \
12061207
--yes \

‎.github/workflows/release.yaml

Lines changed: 3 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -498,6 +498,7 @@ jobs:
498498

499499
-name:SBOM Generation and Attestation
500500
if:${{ !inputs.dry_run }}
501+
continue-on-error:true
501502
env:
502503
COSIGN_EXPERIMENTAL:"1"
503504
run:|
@@ -509,7 +510,7 @@ jobs:
509510
510511
# Attest SBOM to multi-arch image
511512
echo "Attesting SBOM to multi-arch image: ${{ steps.build_docker.outputs.multiarch_image }}"
512-
cosign clean "${{ steps.build_docker.outputs.multiarch_image }}"
513+
cosign clean--force=true"${{ steps.build_docker.outputs.multiarch_image }}"
513514
cosign attest --type spdxjson \
514515
--predicate coder_${{ steps.version.outputs.version }}_sbom.spdx.json \
515516
--yes \
@@ -522,7 +523,7 @@ jobs:
522523
syft "${latest_tag}" -o spdx-json > coder_latest_sbom.spdx.json
523524
524525
echo "Attesting SBOM to latest image: ${latest_tag}"
525-
cosign clean "${latest_tag}"
526+
cosign clean--force=true"${latest_tag}"
526527
cosign attest --type spdxjson \
527528
--predicate coder_latest_sbom.spdx.json \
528529
--yes \

0 commit comments

Comments
 (0)

[8]ページ先頭

©2009-2025 Movatter.jp