Stack BOM RFC #125
Closed
Stack BOM RFC #125
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
sophiewigmore
force-pushed
the
stack-syft-bom
branch
from
1b1e67b to
3734207
Compare
sophiewigmore
force-pushed
the
stack-syft-bom
branch
from
3734207 to
20fc563
Compare
ryanmoran
suggested changes
Nov 8, 2021
Co-authored-by: Ryan Moran <[email protected]>
Co-authored-by: Ryan Moran <[email protected]>
Co-authored-by: Ryan Moran <[email protected]>
|
Same. +1 looks good. |
dmikusa
approved these changes
Nov 9, 2021
|
This looks great! We should block on the upstream RFC getting merged though so that we can track any changes between now and then. |
sophiewigmore
pushed a commit
to paketo-buildpacks/stacks
that referenced
this pull request
Nov 19, 2021
- Implements paketo-buildpacks/rfcs#125 - Uses layer addition code from github.com/sclevine/cnb-sbom - Includes basic BOM generation and attachment logic
5 tasks
sophiewigmore
pushed a commit
to paketo-buildpacks/stacks
that referenced
this pull request
Nov 19, 2021
- Implements paketo-buildpacks/rfcs#125 - Uses layer addition code from github.com/sclevine/cnb-sbom - Includes basic BOM generation and attachment logic
sophiewigmore
pushed a commit
to paketo-buildpacks/stacks
that referenced
this pull request
Nov 29, 2021
- Although not consistent with github.com/paketo-buildpacks/rfcs/pull/125, it is consistent with comments in the upstream CNB, and can be easily removed.
sophiewigmore
pushed a commit
to paketo-buildpacks/stacks
that referenced
this pull request
Nov 29, 2021
- Although not consistent with github.com/paketo-buildpacks/rfcs/pull/125, it is consistent with comments in the upstream CNB, and can be easily removed.
brayanhenao
pushed a commit
to paketo-buildpacks/stacks
that referenced
this pull request
Dec 9, 2021
* Add run image BOM - Implements paketo-buildpacks/rfcs#125 - Uses layer addition code from github.com/sclevine/cnb-sbom - Includes basic BOM generation and attachment logic * use specific alpine tag in bom generation test * Change bom file name to include original image digest - Although not consistent with github.com/paketo-buildpacks/rfcs/pull/125, it is consistent with comments in the upstream CNB, and can be easily removed. * generate Squashed Syft output * Attach SBOM using feature flag * Assert SBOM doesn't appear when not flagged * Adds experimental SBOM support in create-stack action Co-authored-by: Ryan Moran <[email protected]> Co-authored-by: Sophie Wigmore <[email protected]>
|
Closing out for now due to inactivity. Will re-open or create a new RFC when the direction upstream is definitive. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Summary
Readable
Use Cases
Checklist