Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fixes #23356: Add SBOM tooling #5291

Merged
merged 4 commits into from Mar 18, 2024
Merged

Fixes #23356: Add SBOM tooling #5291

merged 4 commits into from Mar 18, 2024

Conversation

amousset
Copy link
Member

@amousset amousset commented Dec 27, 2023
edited

https://issues.rudder.io/issues/23356

  • Use CycloneDX as it's the one with the best coverage for our ecosystem
  • We are (presumably) able to convert to SPDX using cyclonedx CLI
  • Generate a file by "package" (rpm/dpkg/rpkg/msi/etc.)
  • Only support tagged releases

@amousset amousset requested a review from Fdall December 27, 2023 20:37
@amousset amousset marked this pull request as draft December 27, 2023 20:37
@amousset amousset added the WIP Use that label for a Work In Progress PR that must not be merged yet label Dec 27, 2023
@amousset amousset removed the request for review from Fdall December 27, 2023 20:38
@amousset
Copy link
Member Author

PR updated with a new commit

@amousset amousset marked this pull request as ready for review December 28, 2023 14:32
@amousset
Copy link
Member Author

PR updated with a new commit

@amousset amousset marked this pull request as draft January 25, 2024 19:24
@amousset amousset force-pushed the arch_23356/add_poc_sbom_tooling branch 2 times, most recently from cc6c2ec to 147007c Compare March 15, 2024 16:33
@amousset
Copy link
Member Author

PR updated with a new commit

2 similar comments
@amousset
Copy link
Member Author

PR updated with a new commit

@amousset
Copy link
Member Author

PR updated with a new commit

@amousset amousset changed the title Fixes #23356: Add PoC SBOM tooling Fixes #23356: Add SBOM tooling Mar 15, 2024
@amousset amousset marked this pull request as ready for review March 15, 2024 20:30
@amousset amousset removed the WIP Use that label for a Work In Progress PR that must not be merged yet label Mar 15, 2024
@amousset amousset requested a review from Fdall March 18, 2024 10:24
@Normation-Quality-Assistant
Copy link
Contributor

This PR is not mergeable to upper versions.
Since it is "Ready for merge" you must merge it by yourself using the following command:
rudder-dev merge https://github.com/Normation/rudder/pull/5291
-- Your faithful QA
Kant merge: "Morality is not the doctrine of how we may make ourselves happy, but how we may make ourselves worthy of happiness."
(https://ci.normation.com/jenkins/job/merge-accepted-pr/81741/console)

@amousset
Copy link
Member Author

OK, squash merging this PR

@amousset
Fixes #23356: Add PoC SBOM tooling
3120d28
@amousset
fixup! Work in progress
f1a6b2a 
Fixes #23356: Add PoC SBOM tooling
@amousset
fixup! fixup! Work in progress
eee9f2c 
Fixes #23356: Add PoC SBOM tooling
@amousset
fixup! fixup! fixup! Work in progress
6863d64 
Fixes #23356: Add PoC SBOM tooling
@amousset amousset force-pushed the arch_23356/add_poc_sbom_tooling branch from 293f0f7 to 6863d64 Compare March 18, 2024 18:59
@amousset amousset merged commit 6863d64 into Normation:branches/rudder/8.0 Mar 18, 2024
1 check was pending
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Fdall Fdall Awaiting requested review from Fdall

Assignees
No one assigned
Labels
qa: Can't merge Ready for merge
Projects
None yet
Milestone
No milestone
2 participants
@amousset @Normation-Quality-Assistant