From cb4ac18ebcac28e3e8f08914e582a01a747284dc Mon Sep 17 00:00:00 2001
From: shaneboulden <shane.boulden@gmail.com>
Date: Mon, 16 Sep 2024 16:37:34 +1000
Subject: [PATCH] add cyclonedx sbom to releases

---
 .github/workflows/go-cyclonedx-sbom.yml | 15 +++++++++++++++
 1 file changed, 15 insertions(+)
 create mode 100644 .github/workflows/go-cyclonedx-sbom.yml

diff --git a/.github/workflows/go-cyclonedx-sbom.yml b/.github/workflows/go-cyclonedx-sbom.yml
new file mode 100644
index 0000000..693f49f
--- /dev/null
+++ b/.github/workflows/go-cyclonedx-sbom.yml
@@ -0,0 +1,15 @@
+# Download and invoke cyclonedx-gomod in a single step
+name: CycloneDX SBOM generate
+on:
+    workflow_dispatch:
+    release:
+      types: [created]
+
+permissions: read-all
+
+jobs:
+  generate:
+    uses: CycloneDX/gh-gomod-generate-sbom@v2
+    with:
+        version: v1
+        args: mod -licenses -json -output bom.json