Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Adds a convenience method for getting the build, launch and layer BOM file paths #95

Merged
merged 1 commit into from Nov 18, 2021
Merged

Adds a convenience method for getting the build, launch and layer BOM file paths #95

merged 1 commit into from Nov 18, 2021

Conversation

dmikusa
Copy link
Contributor

@dmikusa dmikusa commented Nov 16, 2021
edited

Also adds Deprecated: godoc comments.

@dmikusa dmikusa added type:enhancement A general enhancement semver:minor A change requiring a minor version bump labels Nov 16, 2021
@dmikusa dmikusa mentioned this pull request Nov 16, 2021
Merged
5 tasks
samj1912
samj1912 requested changes Nov 16, 2021
View reviewed changes
layer.go Outdated Show resolved Hide resolved
layer.go Outdated Show resolved Hide resolved
layer_test.go Outdated Show resolved Hide resolved
samj1912
samj1912 reviewed Nov 16, 2021
View reviewed changes
layer.go Outdated Show resolved Hide resolved
samj1912
samj1912 reviewed Nov 17, 2021
View reviewed changes
layer.go Outdated Show resolved Hide resolved
@dmikusa
Copy link
Contributor Author

dmikusa commented Nov 17, 2021

@samj1912 - Do you want me to squash all the commits? Or will you do that on merge?

@samj1912
Copy link
Member

Squash would be nice! As a project we try to avoid changing commits from the authors and use "merge" instead.

@dmikusa
Copy link
Contributor Author

dmikusa commented Nov 17, 2021

👍 @samj1912 - squashed.

samj1912
samj1912 requested changes Nov 17, 2021
View reviewed changes
Copy link
Member

@samj1912 samj1912 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Just a few changes for the sake of consistency

layer.go Outdated Show resolved Hide resolved
layer.go Outdated Show resolved Hide resolved
layer.go Outdated Show resolved Hide resolved
layer.go Outdated Show resolved Hide resolved
layer.go Outdated Show resolved Hide resolved
layer.go Outdated Show resolved Hide resolved
layer.go Outdated Show resolved Hide resolved
@dmikusa
Copy link
Contributor Author

dmikusa commented Nov 17, 2021

Just a few changes for the sake of consistency

All set.

samj1912
samj1912 approved these changes Nov 17, 2021
View reviewed changes
Copy link
Member

@samj1912 samj1912 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Minor comment but apart from that LGTM

application.go Outdated Show resolved Hide resolved
@samj1912
Adds a convenience method for getting the build, launch and layer BOM…
c06fd64 
… file paths

This PR includes:

- convenience methods on the Layers and Layer object for fetching the SBoM path
- deprecated messages if using old-style BOM functionality

Co-authored-by: Sambhav Kothari <sambhavs.email@gmail.com>
Signed-off-by: Daniel Mikusa <dmikusa@vmware.com>
@samj1912
Copy link
Member

Thanks for the PR!

@samj1912 samj1912 merged commit 6aa81e5 into buildpacks:main Nov 18, 2021
@dmikusa dmikusa deleted the bom-rfc-95 branch November 18, 2021 14:08
@dmikusa dmikusa mentioned this pull request Nov 18, 2021
Merged
c0d1ngm0nk3y pushed a commit to sap-contributions/libcnb that referenced this pull request Apr 28, 2023
Updates libcnb to support buildpacks API 0.7
9af239f 
Buildpacks API 0.7 brings one new feature, the functionality for SBoM output through [RFC buildpacks#95](https://github.com/buildpacks/rfcs/blob/main/text/0095-sbom.md).

Without this change, you can write the SBoM information as described in RFC buildpacks#95, but the lifecycle will ignore it. To make the lifecycle capture your SBoM information you need to:
1. Use a version of libcnb with this PR.
2. Update the `api = "0.8"` line in your buildpack.toml.
3. Write the SBoM files from your buildpack according to the locations in RFC buildpacks#95. Libcnb does not provide any help with this activity presently, it is up to the buildpack author.
4. Use a lifecycle version with support, 0.13.0+
5. Use a pack version with platform API 0.8+

The lifecycle should then copy your SBoM files and include them into the image.

This PR is only required because the current implementation restricts usage of libcnb to specific buildpack API versions and we needed to add 0.7 to this list.

Signed-off-by: Daniel Mikusa <dmikusa@vmware.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@samj1912 samj1912 samj1912 approved these changes

Assignees
No one assigned
Labels
semver:minor A change requiring a minor version bump type:enhancement A general enhancement
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@dmikusa @samj1912