From 0195264988d3da18eb819b130a7e1d31852f0cb9 Mon Sep 17 00:00:00 2001
From: gcaracuel <633810+gcaracuel@users.noreply.github.com>
Date: Mon, 12 Jun 2023 08:33:33 +0200
Subject: [PATCH] Adds SBOM creation and build for ARM
---
 .github/workflows/docker.yaml | 15 ++++++++++++++-
 1 file changed, 14 insertions(+), 1 deletion(-)
diff --git a/.github/workflows/docker.yaml b/.github/workflows/docker.yaml
index fb8d7257..5d00f440 100644
--- a/.github/workflows/docker.yaml
+++ b/.github/workflows/docker.yaml
@@ -42,5 +42,18 @@ jobs:
 context: .
 file: src/Dockerfile
 push: true
+ sbom: true
+ platforms: linux/amd64,linux/arm64
+ provenance: true
 tags: ${{ steps.meta.outputs.tags }}
- labels: ${{ steps.meta.outputs.labels }}
\ No newline at end of file
+ labels: ${{ steps.meta.outputs.labels }}
+
+ - name: Scan SBOM
+ uses: anchore/scan-action@v3
+ with:
+ image: ${{ steps.meta.outputs.tags }}
+ add-cpes-if-none: true
+ output-format: table
+ severity-cutoff: critical
+ # fail-build: true
+ fail-build: false
\ No newline at end of file
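Review bot: The new `Scan SBOM` step cannot gate anything: `fail-build: false` makes the `severity-cutoff: critical` threshold advisory, and the step runs after the build step has already published the image with `push: true`, so an image with critical findings ships either way. If the scan is meant as a release gate, restore the commented-out `fail-build: true` and scan before publishing; if it is deliberately report-only, say so in a comment such as `# report-only: findings do not block the push`. `image: ${{ steps.meta.outputs.tags }}` is also fragile: the meta step is outside this hunk, but if it emits more than one tag the output is a newline-separated list rather than a single reference, and a tag can be moved between push and scan, so scanning the pushed digest (`image: <image-name>@${{ steps.<build-step-id>.outputs.digest }}`, placeholders because the step id and image name are not visible here) would tie the result to the artifact that was actually published. Pinning `anchore/scan-action@v3` to a full commit SHA would keep a retagged action from running inside a job that pushes images.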