feat: Add support for SBOM attestation

Signed-off-by: Paulo Gomes <pjbgf@linux.com>
This commit is contained in:
Paulo Gomes 2023-03-08 09:49:47 +00:00
parent a1837cc829
commit 3676b2a14c
No known key found for this signature in database
4 changed files with 17 additions and 0 deletions

View File

@ -260,3 +260,8 @@ properties:
description: Generate [provenance](https://docs.docker.com/build/attestations/slsa-provenance/) attestation for the build (shorthand for `--attest=type=provenance`).
type: string
required: false
- name: sbom
description: Generate [sbom](https://docs.docker.com/build/attestations/sbom/) attestation for the build (shorthand for `--attest type=sbom`).
type: string
required: false

View File

@ -314,5 +314,12 @@ func settingsFlags(settings *plugin.Settings, category string) []cli.Flag {
Destination: &settings.Build.Provenance,
Category: category,
},
&cli.StringFlag{
Name: "sbom",
EnvVars: []string{"PLUGIN_SBOM"},
Usage: "generates sbom attestation for the build",
Destination: &settings.Build.SBOM,
Category: category,
},
}
}

View File

@ -156,6 +156,10 @@ func commandBuild(build Build, dryrun bool) *execabs.Cmd {
args = append(args, "--provenance", build.Provenance)
}
if build.SBOM != "" {
args = append(args, "--sbom", build.SBOM)
}
return execabs.Command(dockerBin, args...)
}

View File

@ -64,6 +64,7 @@ type Build struct {
NamedContext cli.StringSlice // Docker build named context
Labels cli.StringSlice // Docker build labels
Provenance string // Docker build provenance attestation
SBOM string // Docker build sbom attestation
}
// Settings for the Plugin.