Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up
Appearance settings

feat: add SBOM generation and attestation to GitHub workflow#17277

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to ourterms of service andprivacy statement. We’ll occasionally send you account related emails.

Already on GitHub?Sign in to your account

Conversation

ThomasK33
Copy link
Member

@ThomasK33ThomasK33 commentedApr 7, 2025
edited
Loading

Move SBOM generation and attestation to GitHub workflow

This PR moves the SBOM generation and attestation process from thebuild_docker.sh script to the GitHub workflow. The change:

  1. Removes SBOM generation and attestation from thebuild_docker.sh script
  2. Adds a new "SBOM Generation and Attestation" step in the GitHub workflow
  3. Generates and attests SBOMs for both multi-arch images and latest tags when applicable

This approach ensures SBOM generation happens once for the final multi-architecture image rather than for each architecture separately.

Change-Id: I2e15d7322ddec933bbc9bd7880abba9b0842719f
Signed-off-by: Thomas Kosiewskitk@coder.com

@ThomasK33Graphite App
Copy link
MemberAuthor

This stack of pull requests is managed byGraphite. Learn more aboutstacking.

@ThomasK33ThomasK33 marked this pull request as ready for reviewApril 7, 2025 12:14
Copy link
Member

@matifalimatifali left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others.Learn more.

Can we also add this toci.yaml so that we can have it for preview releases too.

@ThomasK33ThomasK33force-pushed thethomask33/04-07-feat_add_sbom_generation_and_attestation_to_github_workflow branch fromc7e6be1 to26ee58aCompareApril 7, 2025 14:53
@ThomasK33ThomasK33 requested a review frommatifaliApril 7, 2025 14:53
@ThomasK33Graphite App
Copy link
MemberAuthor

This will now also upload the json sbom files as part of the release.
We might not want this, but I think it'll make them more accessible and visible to customers.

matifali reacted with thumbs up emoji

Change-Id: I2e15d7322ddec933bbc9bd7880abba9b0842719fSigned-off-by: Thomas Kosiewski <tk@coder.com>
@ThomasK33ThomasK33force-pushed thethomask33/04-07-feat_add_sbom_generation_and_attestation_to_github_workflow branch from26ee58a toe3ff60aCompareApril 7, 2025 14:59
@ThomasK33ThomasK33 requested a review frommatifaliApril 7, 2025 14:59
Copy link
Member

@matifalimatifali left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others.Learn more.

🚢 it

@ThomasK33ThomasK33 merged commitf48a24c intomainApr 7, 2025
33 checks passed
@ThomasK33ThomasK33 deleted the thomask33/04-07-feat_add_sbom_generation_and_attestation_to_github_workflow branchApril 7, 2025 15:54
@github-actionsgithub-actionsbot locked and limited conversation to collaboratorsApr 7, 2025
Sign up for freeto subscribe to this conversation on GitHub. Already have an account?Sign in.

Reviewers

@matifalimatifalimatifali approved these changes

Assignees

@ThomasK33ThomasK33

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@ThomasK33@matifali
[8]ページ先頭
©2009-2025 Movatter.jp