feat: generate/upload sbom for cosign projects #1236

developer-guy · 2021-12-20T15:16:44Z

Signed-off-by: Batuhan Apaydın batuhan.apaydin@trendyol.com

generate/upload sbom for cosign projects

Fixes #959

feat: generate/upload sbom for cosign projects

Makefile

Signed-off-by: Batuhan Apaydın <batuhan.apaydin@trendyol.com>

https://build.opensuse.org/request/show/949015 by user msmeissn + dimstar_suse - updated to 1.5.0 ## Highlights * enable sbom generation when releasing (sigstore/cosign#1261) * feat: log error to stderr (sigstore/cosign#1260) * feat: support attach attestation (sigstore/cosign#1253) * feat: resolve --cert from URL (sigstore/cosign#1245) * feat: generate/upload sbom for cosign projects (sigstore/cosign#1237) * feat: vuln attest support (sigstore/cosign#1168) * feat: add ambient credential detection with spiffe/spire (sigstore/cosign#1220) * feat: generate/upload sbom for cosign projects (sigstore/cosign#1236) * feat: implement cosign download attestation (https

developer-guy requested review from cpanato, mattmoor and dlorenc December 20, 2021 15:16

mattmoor approved these changes Dec 20, 2021

View reviewed changes

imjasonh reviewed Dec 20, 2021

View reviewed changes

Makefile Outdated Show resolved Hide resolved

developer-guy force-pushed the feature/1202 branch 2 times, most recently from ebbdca9 to 65cebd2 Compare December 20, 2021 15:41

feat: generate/upload sbom for cosign projects

5efae86

Signed-off-by: Batuhan Apaydın <batuhan.apaydin@trendyol.com>

developer-guy force-pushed the feature/1202 branch from 65cebd2 to 5efae86 Compare December 20, 2021 15:42

imjasonh approved these changes Dec 20, 2021

View reviewed changes

hectorj2f approved these changes Dec 20, 2021

View reviewed changes

dlorenc merged commit 1104dfd into sigstore:main Dec 20, 2021

github-actions bot added this to the v1.5.0 milestone Dec 20, 2021

Provide feedback