deprecated-image-check: support SPDX SBOMs
Support extracting the base/builder images from both CycloneDX SBOMs
and SPDX SBOMs.

Signed-off-by: Adam Cmiel <[email protected]>
chmeliik committed Jan 15, 2025
1 parent 87e9156 commit d8ba4df
Showing 1 changed file with 12 additions and 1 deletion.
13 changes: 12 additions & 1 deletion task/deprecated-image-check/0.4/deprecated-image-check.yaml
Expand Up @@ -91,7 +91,18 @@ spec:
continue
fi
cat ${SBOM_FILE_PATH} | jq -r '.formulation? // empty | .[] | .components? // empty | .[] | select(any((.properties // empty)[]; .name | test("^konflux:container:is_(base|builder)_image"))) | .name' >> ${IMAGES_TO_BE_PROCESSED_PATH}
< "${SBOM_FILE_PATH}" jq -r '
if .bomFormat == "CycloneDX" then
.formulation[]?
| .components[]?
| select(any(.properties[]?; .name | test("^konflux:container:is_(base|builder)_image")))
| .name
else
.packages[]
| select(any(.annotations[]?.comment; (fromjson?).name? | test("^konflux:container:is_(base|builder)_image")?))
| .name
end
' >> "${IMAGES_TO_BE_PROCESSED_PATH}"
echo "Detected base images from $arch SBOM:"
cat "${IMAGES_TO_BE_PROCESSED_PATH}"
echo ""
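
Review bot: the `else` branch treats every document whose `bomFormat` is not "CycloneDX" as SPDX, and `.packages[]` there has no `?`, unlike `.formulation[]?` and `.components[]?` in the first branch. An input with neither `bomFormat` nor a `packages` array makes jq stop with "Cannot iterate over null"; whether that fails the step or only leaves the image list empty depends on shell options that are not visible in this hunk. Consider making the SPDX case explicit with `elif .spdxVersion then ...` and closing with `else error("unsupported SBOM format") end`, so an unrecognised SBOM is reported by name instead of ending up as an empty list of base images to check. A short comment above the SPDX `select` saying that the annotation `comment` is expected to hold a JSON object with a `name` key would also help the next reader of `(fromjson?).name?`.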