Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Enable automatic SBOM creation with spdx format #4848

Merged
merged 1 commit into from
May 9, 2022
Merged

Enable automatic SBOM creation with spdx format #4848

merged 1 commit into from
May 9, 2022

Conversation

afrittoli
Copy link
Member

@afrittoli afrittoli commented May 9, 2022
edited
Loading

Changes

This pulls in a version of the ko images that includes ko v0.11.2
which by defaults builds and pushes sbom data in SPDX format for
the images using with ko.

See: tektoncd/plumbing#1081

Signed-off-by: Andrea Frittoli [email protected]

/kind misc

Submitter Checklist

As the author of this PR, please check off the items in this checklist:

  • Docs included if any changes are user facing
  • Tests included if any functionality added or changed
  • Follows the commit message standard
  • Meets the Tekton contributor standards (including
    functionality, content, code)
  • Release notes block below has been filled in
    (if there are no user facing changes, use release note "NONE")

Release Notes

SBOM built by "ko" in SPDX format is published along Tekton container images

@afrittoli
Enable automatic SBOM creation with spdx format
f731618 
This pulls in a version of the ko images that includes ko v0.11.2
which by defaults builds and pushes sbom data in SPDX format for
the images using with ko.

Signed-off-by: Andrea Frittoli <[email protected]>
@tekton-robot tekton-robot added release-note Denotes a PR that will be considered when it comes time to generate release notes. kind/misc Categorizes issue or PR as a miscellaneuous one. labels May 9, 2022
@tekton-robot tekton-robot added the size/XS Denotes a PR that changes 0-9 lines, ignoring generated files. label May 9, 2022
@afrittoli
Copy link
Member Author

/test pull-tekton-pipeline-go-coverage

@tekton-robot tekton-robot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label May 9, 2022
@tekton-robot
Copy link
Collaborator

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: dibyom, vdemeester

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@imjasonh
Copy link
Member

imjasonh commented May 9, 2022

/lgtm

🎉

@tekton-robot tekton-robot added the lgtm Indicates that a PR is ready to be merged. label May 9, 2022
@afrittoli
Copy link
Member Author

/test pull-tekton-pipeline-alpha-integration-tests

@tekton-robot tekton-robot merged commit 1d0bce5 into tektoncd:main May 9, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@vdemeester vdemeester vdemeester approved these changes

@dibyom dibyom dibyom approved these changes

@dlorenc dlorenc Awaiting requested review from dlorenc

@lbernick lbernick Awaiting requested review from lbernick

Assignees

@imjasonh imjasonh

Labels
approved Indicates a PR has been approved by an approver from all required OWNERS files. kind/misc Categorizes issue or PR as a miscellaneuous one. lgtm Indicates that a PR is ready to be merged. release-note Denotes a PR that will be considered when it comes time to generate release notes. size/XS Denotes a PR that changes 0-9 lines, ignoring generated files.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@afrittoli @tekton-robot @imjasonh @vdemeester @dibyom