Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Updates libcnb to support buildpacks API 0.7 #94

Merged
merged 1 commit into from Nov 11, 2021
Merged

Updates libcnb to support buildpacks API 0.7 #94

merged 1 commit into from Nov 11, 2021

Conversation

dmikusa
Copy link
Contributor

@dmikusa dmikusa commented Nov 11, 2021
edited by samj1912

Buildpacks API 0.7 brings one new feature, the functionality for SBoM output through RFC #95.

Without this change, you can write the SBoM information as described in RFC #95, but the lifecycle will ignore it. To make the lifecycle capture your SBoM information you need to:

  1. Use a version of libcnb with this PR.
  2. Update the api = "0.7" line in your buildpack.toml.
  3. Write the SBoM files from your buildpack according to the locations in RFC Adds a convenience method for getting the build, launch and layer BOM file paths #95. Libcnb does not provide any help with this activity presently, it is up to the buildpack author.
  4. Use a lifecycle version with support, 0.13.0+
  5. Use a pack version with platform API 0.8+

The lifecycle should then copy your SBoM files and include them into the image.

This PR is only required because the current implementation restricts usage of libcnb to specific buildpack API versions and we needed to add 0.7 to this list.

Signed-off-by: Daniel Mikusa dmikusa@vmware.com

Updates libcnb to support buildpacks API 0.7
9af239f 
Buildpacks API 0.7 brings one new feature, the functionality for SBoM output through [RFC #95](https://github.com/buildpacks/rfcs/blob/main/text/0095-sbom.md).

Without this change, you can write the SBoM information as described in RFC #95, but the lifecycle will ignore it. To make the lifecycle capture your SBoM information you need to:
1. Use a version of libcnb with this PR.
2. Update the `api = "0.8"` line in your buildpack.toml.
3. Write the SBoM files from your buildpack according to the locations in RFC #95. Libcnb does not provide any help with this activity presently, it is up to the buildpack author.
4. Use a lifecycle version with support, 0.13.0+
5. Use a pack version with platform API 0.8+

The lifecycle should then copy your SBoM files and include them into the image.

This PR is only required because the current implementation restricts usage of libcnb to specific buildpack API versions and we needed to add 0.7 to this list.

Signed-off-by: Daniel Mikusa <dmikusa@vmware.com>
@dmikusa dmikusa added type:enhancement A general enhancement semver:minor A change requiring a minor version bump labels Nov 11, 2021
@samj1912 samj1912 merged commit 0376b8a into buildpacks:main Nov 11, 2021
@dmikusa dmikusa deleted the api-07 branch November 14, 2021 02:53
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@samj1912 samj1912 samj1912 approved these changes

Assignees
No one assigned
Labels
semver:minor A change requiring a minor version bump type:enhancement A general enhancement
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@dmikusa @samj1912