Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add SBOM filter to allow image distribution #60

Closed
wants to merge 1 commit into from
Closed

Add SBOM filter to allow image distribution #60

wants to merge 1 commit into from
+12 −0

Conversation

vishwamartur
Copy link

Related to qualcomm-linux/meta-qcom#716

Add post build filter to clear out generated SBOM files.

  • Modify ci/yocto-check-layer.sh to include a step that uses the find command to locate and delete SBOM files.
  • Update ci/base.yml to add a post build filter section that uses the find command to locate and delete SBOM files.
  • Modify .github/workflows/build-yocto.yml to include a step that uses the find command to locate and delete SBOM files after the publish image step.

@vishwamartur
Add SBOM filter to allow image distribution
39eb3c4 
Related to #40

Add post build filter to clear out generated SBOM files.

* Modify `ci/yocto-check-layer.sh` to include a step that uses the `find` command to locate and delete SBOM files.
* Update `ci/base.yml` to add a post build filter section that uses the `find` command to locate and delete SBOM files.
* Modify `.github/workflows/build-yocto.yml` to include a step that uses the `find` command to locate and delete SBOM files after the publish image step.

Signed-off-by: Vishwanath Martur <[email protected]>
@ndechesne
Copy link
Contributor

I am most likely missing the context about this change. But I do not understand why your patch is needed.
Your commit message explains what the patch does which is not needed in general, since it's obvious from the change. It's better if your commit message explains why the change is needed and explains what is not obvious

@ricardosalveti
Copy link
Contributor

I updated qualcomm-linux/meta-qcom#716 to better describe what we need here, which is actually validating the generated sbom (based on the image artifacts) against a list of pre-approved packages (sbom filtering), to allow image distribution.

This change is just erasing the sbom, which is not really wanted.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@quaresmajose quaresmajose Awaiting requested review from quaresmajose quaresmajose is a code owner

@ricardosalveti ricardosalveti Awaiting requested review from ricardosalveti ricardosalveti is a code owner

@sbanerjee-quic sbanerjee-quic Awaiting requested review from sbanerjee-quic sbanerjee-quic is a code owner

@quic-vkraleti quic-vkraleti Awaiting requested review from quic-vkraleti quic-vkraleti is a code owner

Assignees
No one assigned
Labels
None yet
Projects
Mainline Qualcomm Linux
Status: Done
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@vishwamartur @ndechesne @ricardosalveti