Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Support GitHub API integration #190

Closed
kzantow opened this issue Feb 14, 2022 · 1 comment · Fixed by #201
Closed

Support GitHub API integration #190

kzantow opened this issue Feb 14, 2022 · 1 comment · Fixed by #201
Assignees
@kzantow
Labels
enhancement New feature or request

Comments

@kzantow
Copy link
Contributor

kzantow commented Feb 14, 2022

To best integrate with GitHub and the scan-action, we have some alternative storage methods to SBOMs that we need to implement, namely the GitHub API.

By default, we should:

  • Generate SBOM
  • Translate to GitHub format
  • Upload to GitHub API

This upload should be able to replace the workflow artifact attachment and make finding generated SBOMs more consistent based on a SHA.
@kzantow kzantow self-assigned this Feb 14, 2022
@kzantow kzantow added the enhancement New feature or request label Feb 14, 2022
@kzantow kzantow linked a pull request Feb 18, 2022 that will close this issue
Upload to GitHub api #201
Merged
@kzantow kzantow added the blocked Something is preventing this from progressing label Feb 18, 2022
@kzantow
Copy link
Contributor Author

kzantow commented Feb 18, 2022

I've made a working draft PR for this, but we are waiting on some other work being completed before this is at all reviewable.

@kzantow kzantow removed the blocked Something is preventing this from progressing label Mar 9, 2022
@kzantow kzantow mentioned this issue Mar 16, 2022
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@kzantow kzantow

Labels
enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Upload to GitHub api kzantow-anchore/sbom-action
1 participant
@kzantow