Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: Support SPDX SBOMs #1498

Merged
merged 2 commits into from
Jan 29, 2025
Merged

feat: Support SPDX SBOMs #1498

merged 2 commits into from
Jan 29, 2025

Conversation

chmeliik
Copy link
Contributor

Description

Support unmarshalling the show-sbom task output into either CycloneDX or SPDX models. Do similar assertions for both SBOM formats.

Issue ticket number and link

https://issues.redhat.com/browse/STONEBLD-3051

Type of change

  • Bug fix (non-breaking change which fixes an issue)
  • New feature (non-breaking change which adds functionality)
  • Breaking change (fix or feature that would cause existing functionality to not work as expected)
  • This change requires a documentation update

How Has This Been Tested?

Temporary commit in konflux-ci/build-definitions#1865

Checklist:

  • I have performed a self-review of my code
  • I have commented my code, particularly in hard-to-understand areas
  • I have made corresponding changes to the documentation
  • I have added meaningful description with JIRA/GitHub issue key(if applicable), for example HASSuiteDescribe("STONE-123456789 devfile source")
  • I have updated labels (if needed)

@openshift-ci openshift-ci bot requested review from tisutisu and tnevrlka January 29, 2025 11:16
github-advanced-security[bot]
github-advanced-security bot found potential problems Jan 29, 2025
View reviewed changes
pkg/utils/build/sbom.go Fixed Show fixed Hide fixed
pkg/utils/build/sbom.go Fixed Show fixed Hide fixed
@chmeliik
feat: use an interface for SBOM model
7c868cc 
In preparation for SPDX support, wrap the SbomCyclonedx model in a
generic Sbom interface.

Signed-off-by: Adam Cmiel <[email protected]>
@chmeliik
feat: support SPDX SBOMs
6c31d15 
Support unmarshalling the show-sbom task output into either CycloneDX or
SPDX models. Do similar assertions for both SBOM formats.

Signed-off-by: Adam Cmiel <[email protected]>
@chmeliik
Copy link
Contributor Author

As far as I can tell, tests failed on this

[e2e-test] W0129 12:02:33.750033   13264 utils.go:435] failed to unregister SprayProxy: failed to get PaC host: failed to get API group resources: unable to retrieve the complete list of server APIs: route.openshift.io/v1: Get "https://api.kx-7dab3feffd.096r.p3.openshiftapps.com:443/apis/route.openshift.io/v1": dial tcp: lookup api.kx-7dab3feffd.096r.p3.openshiftapps.com on 172.30.0.10:53: no such host - this issue will be reported to a dedicated Slack channel

@chmeliik
Copy link
Contributor Author

/retest

@tisutisu
Copy link
Contributor

/lgtm
/approve

@openshift-ci openshift-ci bot added the lgtm label Jan 29, 2025
@openshift-ci OpenShift CI
Copy link

openshift-ci bot commented Jan 29, 2025

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: tisutisu

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@openshift-merge-bot openshift-merge-bot bot merged commit 698910d into konflux-ci:main Jan 29, 2025
13 checks passed
This was referenced Jan 29, 2025
Open
Merged
@chmeliik chmeliik deleted the spdx branch January 29, 2025 14:07
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@tisutisu tisutisu Awaiting requested review from tisutisu

@tnevrlka tnevrlka Awaiting requested review from tnevrlka

Assignees

@tisutisu tisutisu

Labels
1-5 min approved lgtm
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@chmeliik @tisutisu