adding SBOM support

https://depot.dev/blog/build-with-sboms
2023-10-17 06:25:07 -07:00 · 2023-10-17 06:25:07 -07:00 · 4f1222d0d8
parent 9087f590b2
commit 4f1222d0d8
1 changed files with 12 additions and 0 deletions
--- a/.github/workflows/docker.yaml
+++ b/.github/workflows/docker.yaml
@ -72,3 +72,15 @@ jobs:
          labels: ${{ steps.meta.outputs.labels }}
          build-args: |
            FASTEN_ENV=${{ matrix.flavor == 'sandbox' && 'sandbox' || 'prod' }}
+          sbom: true
+          sbom-dir: ./sbom-output
+      - name: upload SBOM directory as a build artifact
+        uses: actions/upload-artifact@v3.1.0
+        with:
+          path: ./sbom-output
+          name: 'SBOM'
+
+      - name: upload spdx dependency
+        uses: advanced-security/spdx-dependency-submission-action@v0.0.1
+        with:
+          filePath: ./sbom-output/