Skip to content

Commit

Permalink
Add support for syft json type to cosign
Browse files Browse the repository at this point in the history
Signed-off-by: Sambhav Kothari <[email protected]>
  • Loading branch information
sambhav committed Dec 5, 2021
1 parent e233ce8 commit 5a8e573
Show file tree
Hide file tree
Showing 3 changed files with 6 additions and 3 deletions.
6 changes: 4 additions & 2 deletions cmd/cosign/cli/options/attach.go
Original file line number Diff line number Diff line change
Expand Up @@ -61,7 +61,7 @@ func (o *AttachSBOMOptions) AddFlags(cmd *cobra.Command) {
"path to the sbom, or {-} for stdin")

cmd.Flags().StringVar(&o.SBOMType, "type", "spdx",
"type of sbom (spdx|cyclonedx)")
"type of sbom (spdx|cyclonedx|syft)")
}

func (o *AttachSBOMOptions) MediaType() (types.MediaType, error) {
Expand All @@ -70,7 +70,9 @@ func (o *AttachSBOMOptions) MediaType() (types.MediaType, error) {
return ctypes.CycloneDXMediaType, nil
case "spdx":
return ctypes.SPDXMediaType, nil
case "syft":
return ctypes.SyftMediaType, nil
default:
return "unknown", fmt.Errorf("unknown SBOM type: %q, expected (spdx|cyclonedx)", o.SBOMType)
return "unknown", fmt.Errorf("unknown SBOM type: %q, expected (spdx|cyclonedx|syft)", o.SBOMType)
}
}
2 changes: 1 addition & 1 deletion doc/cosign_attach_sbom.md

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

1 change: 1 addition & 0 deletions pkg/types/media.go
Original file line number Diff line number Diff line change
Expand Up @@ -17,6 +17,7 @@ package types

const (
CycloneDXMediaType = "application/vnd.cyclonedx"
SyftMediaType = "application/vnd.syft"
SimpleSigningMediaType = "application/vnd.dev.cosign.simplesigning.v1+json"
SPDXMediaType = "text/spdx"
WasmLayerMediaType = "application/vnd.wasm.content.layer.v1+wasm"
Expand Down

0 comments on commit 5a8e573

Please sign in to comment.