From 569d09a774e7eac588c2abe85b4c57f630be4ab8 Mon Sep 17 00:00:00 2001 From: vlesich-sylabs Date: Tue, 29 Mar 2022 17:08:35 +0300 Subject: [PATCH 1/3] sbom generating step --- .goreleaser.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.goreleaser.yml b/.goreleaser.yml index cac39d57..f8a3532e 100644 --- a/.goreleaser.yml +++ b/.goreleaser.yml @@ -65,3 +65,6 @@ archives: - id: linux-archives builds: - linux-builds + +sboms: + - artifacts: archive From aa5d0dff4298a99ed7ef01ac14f0e6d810ea9158 Mon Sep 17 00:00:00 2001 From: vlesich-sylabs Date: Tue, 29 Mar 2022 17:25:53 +0300 Subject: [PATCH 2/3] added syft install step --- .circleci/config.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.circleci/config.yml b/.circleci/config.yml index 3ed484ee..7326494f 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -87,6 +87,9 @@ jobs: executor: golang-latest steps: - checkout + - run: + name: Install syft + command: curl -sSfL https://raw.githubusercontent.com/anchore/syft/main/install.sh | sh -s -- -b /usr/local/bin - run: name: Test Release command: curl -sL https://git.io/goreleaser | bash -s -- --snapshot --skip-publish From 4b114464321b0ab986ae36cbf99f0d8d9d60fef6 Mon Sep 17 00:00:00 2001 From: vlesich-sylabs Date: Wed, 30 Mar 2022 12:52:41 +0300 Subject: [PATCH 3/3] sbom for publish-release job --- .circleci/config.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.circleci/config.yml b/.circleci/config.yml index 7326494f..db4f254f 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -98,6 +98,9 @@ jobs: executor: golang-latest steps: - checkout + - run: + name: Install syft + command: curl -sSfL https://raw.githubusercontent.com/anchore/syft/main/install.sh | sh -s -- -b /usr/local/bin - run: name: Publish Release command: curl -sL https://git.io/goreleaser | bash