@oarbusi oarbusi commented Jun 16, 2025

Proposed changes

Augments SBOM on demand

Link to any related issue(s): CLOUDP-325043

Type of change:

  • Bug fix (non-breaking change which fixes an issue)
  • New feature (non-breaking change which adds functionality)
  • Breaking change (fix or feature that would cause existing functionality to not work as
    expected)
  • This change requires a documentation update
  • If changes include removal or addition of 3rd party GitHub actions, I updated our internal document. Reach out to the APIx Integration slack channel to get access to the internal document.

Manual QA performed:

  • cfn invoke for each of CRUDL/cfn test
  • Updated resource in example
  • Published to AWS private registry
  • Used the template in example to create and update a stack in AWS
  • Deleted stack to ensure resources are deleted
  • Created multiple resources in same stack
  • Validated in Atlas UI
  • Included screenshots

Required Checklist:

  • I have signed the MongoDB CLA
  • I have added tests that prove my fix is effective or that my feature works
  • I have checked that this change does not generate any credentials and that they are NOT accidentally logged anywhere.
  • I have added any necessary documentation (if appropriate)
  • I have run make fmt and formatted my code
  • For CFN Resources: I have released my changes in the private registry and proved my change
    works in Atlas

Further comments

@oarbusi oarbusi marked this pull request as ready for review June 16, 2025 10:57
Copilot AI review requested due to automatic review settings June 16, 2025 10:57
@oarbusi oarbusi requested a review from a team as a code owner June 16, 2025 10:57
Copilot AI left a comment

Pull Request Overview

Adds on-demand SBOM augmentation by introducing a new script, Makefile target, and GitHub Actions workflow to integrate with Kondukto.

  • Introduce augment-sbom.sh for running SBOM augmentation via Docker
  • Add augment-sbom target in the Makefile
  • Create generate-augmented-sbom.yml workflow for manual dispatch

Reviewed Changes

Copilot reviewed 3 out of 3 changed files in this pull request and generated 2 comments.

| File | Description |
| --- | --- |
| scripts/augment-sbom.sh | New script to wrap a Docker invocation of Kondukto |
| Makefile | Added augment-sbom phony target |
| .github/workflows/generate-augmented-sbom.yml | Workflow for manual SBOM augmentation and artifact upload |

Comments suppressed due to low confidence (2)

.github/workflows/generate-augmented-sbom.yml:31

  • [nitpick] Consider using a versioned checkout action (e.g., actions/checkout@v3) rather than a fixed SHA to improve clarity and maintainability.
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683

.github/workflows/generate-augmented-sbom.yml:33

  • [nitpick] The actions/setup-go step isn’t required for a Bash-based SBOM augmentation; removing it could reduce workflow startup time.
- uses: actions/setup-go@d35c59abb061a4a6fb18e82ac0862c26744d6ab5

@oarbusi oarbusi added this pull request to the merge queue Jun 17, 2025
Merged via the queue into master with commit 766e24b Jun 17, 2025
35 checks passed
@oarbusi oarbusi deleted the CLOUDP-325043 branch June 17, 2025 08:37