From 7018c3b85a0a553c06da13d986cd1f87df28edcd Mon Sep 17 00:00:00 2001
From: Jason Kulatunga <jason@thesparktree.com>
Date: Tue, 17 Oct 2023 10:56:38 -0700
Subject: [PATCH] rollback SBOM support.

---
 .github/workflows/docker.yaml | 26 +++++++++++++-------------
 1 file changed, 13 insertions(+), 13 deletions(-)

diff --git a/.github/workflows/docker.yaml b/.github/workflows/docker.yaml
index 4f893012..0729e0d4 100644
--- a/.github/workflows/docker.yaml
+++ b/.github/workflows/docker.yaml
@@ -19,7 +19,7 @@ jobs:
   docker:
     runs-on: ubuntu-latest
     permissions:
-      contents: write
+      contents: read
       packages: write
       id-token: write
     strategy:
@@ -72,15 +72,15 @@ jobs:
           labels: ${{ steps.meta.outputs.labels }}
           build-args: |
             FASTEN_ENV=${{ matrix.flavor == 'sandbox' && 'sandbox' || 'prod' }}
-          sbom: true
-          sbom-dir: ./sbom-output
-      - name: upload SBOM directory as a build artifact
-        uses: actions/upload-artifact@v3.1.0
-        with:
-          path: ./sbom-output
-          name: 'SBOM'
-
-      - name: upload spdx dependency
-        uses: advanced-security/spdx-dependency-submission-action@v0.0.1
-        with:
-          filePath: ./sbom-output/
+#          sbom: true
+#          sbom-dir: ./sbom-output
+#      - name: upload SBOM directory as a build artifact
+#        uses: actions/upload-artifact@v3.1.0
+#        with:
+#          path: ./sbom-output
+#          name: 'SBOM'
+#
+#      - name: upload spdx dependency
+#        uses: advanced-security/spdx-dependency-submission-action@v0.0.1
+#        with:
+#          filePath: ./sbom-output/