ibcli: add new --extra-artifacts option that can write an sbom file #69

Merged (4 commits) on Jan 19, 2025

mvo5 (Collaborator) commented Jan 16, 2025

This commit adds an option to generate an sbom file via the
new --export-sbom option.

This follows osbuild/osbuild-composer#4359 and names the sboms `<image_filename>.<pipeline_purpose>-<pipeline_name>.spdx.json`

Once that is in we can do --extra-artifacts=manifest (this should be much simpler) and maybe later extra-artifacts=buildlog.

Closes: #46

JIRA: RHELBU-3011

mvo5 requested a review from thozza on January 16, 2025 13:13
mvo5 force-pushed the export-sbom-option branch from 1935df2 to e39f3cb on January 16, 2025 16:33
mvo5 changed the title from "ibcli: add new --export-sbom option that writes an sbom file" to "ibcli: add new --extra-artifacts option that can write an sbom file" on Jan 16, 2025
mvo5 force-pushed the export-sbom-option branch 3 times, most recently from 6602526 to 961a54c, on January 17, 2025 11:47
mvo5 added 3 commits January 17, 2025 15:18
We do not need to pass a blueprint in this test.
This commit adds an option --extra-artifacts that can be
used to generate extra artifacts during the build or manifest
generation. Initially supported is `sbom` (but `manifest` is
planned too).

To use it run `--extra-artifacts=sbom` and it will generate
files like `centos-9-qcow2-x86_64.image-os.spdx.json` in
the output directory next to the generated runnable artifact.

Closes: osbuild#46
This commit adds a new `--output-dir` option to override the
default output directory for the generated artifacts.

Note that this can also be used together with `manifest` when
extra artifacts (like the sbom) are requested.
mvo5 force-pushed the export-sbom-option branch from 6485cad to dd0fd4a on January 17, 2025 14:18
mvo5 marked this pull request as ready for review on January 17, 2025 14:18
Small commit that tweaks the README to include this new option.
mvo5 force-pushed the export-sbom-option branch from dd0fd4a to ba4adc2 on January 17, 2025 14:39
supakeen (Member) left a comment

This is a really good change and a great start to start iterating on. There's some minor things I'd do differently or change but nothing that blocks having this cool feature :)

supakeen added this pull request to the merge queue on Jan 19, 2025
Merged via the queue into osbuild:main with commit ca0c9e6 Jan 19, 2025
11 of 27 checks passed
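
One way a consumer of these artifacts could inventory the output directory, using the `<image_filename>.<pipeline_purpose>-<pipeline_name>.spdx.json` naming described in this PR (an added example, not code from the PR or the osbuild project). The function names, the sample package data and the assumption that the pipeline purpose contains no `-` are constructed here; `spdxVersion`, `packages`, `name` and `versionInfo` are standard SPDX JSON fields.

```python
import json
import tempfile
from pathlib import Path

SUFFIX = ".spdx.json"

def parse_sbom_name(filename):
    """Split '<image_filename>.<pipeline_purpose>-<pipeline_name>.spdx.json'."""
    if not filename.endswith(SUFFIX):
        return None
    image, dot, pipeline = filename[:-len(SUFFIX)].rpartition(".")
    # Assumption: the purpose has no '-', so the first '-' ends it.
    purpose, dash, name = pipeline.partition("-")
    if not (image and dot and purpose and dash and name):
        return None
    return {"image": image, "purpose": purpose, "pipeline": name}

def collect_sboms(output_dir):
    """Map each well-formed SBOM file in output_dir to its package inventory."""
    found = {}
    for path in sorted(Path(output_dir).glob("*" + SUFFIX)):
        meta = parse_sbom_name(path.name)
        try:
            doc = json.loads(path.read_text(encoding="utf-8"))
        except (OSError, ValueError):  # unreadable or not JSON: skip it
            continue
        version = str(doc.get("spdxVersion", "")) if isinstance(doc, dict) else ""
        if meta is None or not version.startswith("SPDX-"):
            continue
        pkgs = [(str(p.get("name", "")), str(p.get("versionInfo", "")))
                for p in (doc.get("packages") or []) if isinstance(p, dict)]
        found[path.name] = {**meta, "packages": sorted(pkgs)}
    return found

def demo():
    """Inventory a constructed output directory (sample data, not real)."""
    sample = {"spdxVersion": "SPDX-2.3", "packages": [
        {"name": "openssl-libs", "versionInfo": "3.2.2-6.el9"},
        {"name": "bash", "versionInfo": "5.1.8-9.el9"}]}
    with tempfile.TemporaryDirectory() as tmp:
        out = Path(tmp)
        (out / "centos-9-qcow2-x86_64.image-os.spdx.json").write_text(json.dumps(sample))
        (out / "centos-9-qcow2-x86_64.qcow2").write_bytes(b"")
        (out / "broken.image-os.spdx.json").write_text("{not json")
        return collect_sboms(out)

if __name__ == "__main__":
    for fname, inv in demo().items():
        print(fname, inv["purpose"], inv["pipeline"], len(inv["packages"]))
```

Files that match the suffix but fail to parse are skipped rather than trusted, so a truncated or corrupted SBOM never produces an empty-looking inventory.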
Successfully merging this pull request may close these issues.

SBOM exports