-
Notifications
You must be signed in to change notification settings - Fork 20
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Support syft #191
Support syft #191
Conversation
Signed-off-by: Daniel Grunberger <danielgrunberger@armosec.io>
Signed-off-by: Vlad Klokun <vklokun@protonmail.ch>
Signed-off-by: Daniel Grunberger <danielgrunberger@armosec.io>
Signed-off-by: Daniel Grunberger <danielgrunberger@armosec.io>
PR Analysis
PR Feedback
How to useInstructions
|
Signed-off-by: Daniel Grunberger <danielgrunberger@armosec.io>
Summary:
|
Can you check why? |
It's because I don't check the error returned: I don't check since it is deleting older spdx sboms, and we can't do anything it there is an error (also I have asked @vladklokun if he thinks we should leave this check) |
Signed-off-by: Amir Malka <amirm@armosec.io>
* Create scorecard.yml Signed-off-by: David Wertenteil <dwertent@armosec.io> * Update README.md Signed-off-by: David Wertenteil <dwertent@armosec.io> --------- Signed-off-by: David Wertenteil <dwertent@armosec.io>
Signed-off-by: Amir Malka <amirm@armosec.io>
@@ -327,7 +327,7 @@ func (wh *WatchHandler) HandleSBOMEvents(sbomEvents <-chan watch.Event, errorCh | |||
defer close(errorCh) | |||
|
|||
for event := range sbomEvents { | |||
obj, ok := event.Object.(*spdxv1beta1.SBOMSummary) | |||
obj, ok := event.Object.(*spdxv1beta1.SBOMSyft) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@Daniel-GrunbergerCA Are we not using summary objects?
Signed-off-by: David Wertenteil <dwertent@armosec.io>
bump version
Signed-off-by: Daniel Grunberger <danielgrunberger@armosec.io>
update readme
Signed-off-by: David Wertenteil <dwertent@armosec.io>
Signed-off-by: David Wertenteil <dwertent@armosec.io>
Signed-off-by: David Wertenteil <dwertent@armosec.io>
bump k8s-interface pkg
* bump to version 155 Signed-off-by: David Wertenteil <dwertent@armosec.io> * fix hash Signed-off-by: David Wertenteil <dwertent@armosec.io> --------- Signed-off-by: David Wertenteil <dwertent@armosec.io>
Signed-off-by: Daniel Grunberger <danielgrunberger@armosec.io>
Signed-off-by: Vlad Klokun <vklokun@protonmail.ch>
Signed-off-by: Daniel Grunberger <danielgrunberger@armosec.io>
Signed-off-by: Daniel Grunberger <danielgrunberger@armosec.io>
Signed-off-by: David Wertenteil <dwertent@armosec.io>
Signed-off-by: David Wertenteil <dwertent@armosec.io>
Signed-off-by: Daniel Grunberger <danielgrunberger@armosec.io>
…to support-syft Signed-off-by: David Wertenteil <dwertent@armosec.io>
Signed-off-by: David Wertenteil <dwertent@armosec.io>
Summary:
|
PR Type:
Enhancement
PR Description:
This PR introduces support for handling Software Bill of Materials (SBOMs) in Syft format. The changes are as follows:
PR Main Files Walkthrough:
files:
watcher/watcher_test.go
: Replaced SPDX SBOMs with Syft SBOMs in the test cases. Updated the expected SBOM names in the tests.watcher/watcher.go
: Replaced SPDX SBOMs with Syft SBOMs in the SBOM event handlers. Updated the SBOM watcher to handle Syft SBOMs.go.sum
: Updated the project dependencies.go.mod
: Updated the project dependencies.User Description:
This PR introduces support for watching
sboms
andfilteredsboms
onsyft
format. It replaces the types ofspdx
sboms withsyft
ones.