
Commit 947acd2

authored
Merge pull request #349 from sapcc/sbom
Generate SBOMs in Goreleaser
2 parents 56618f4 + 5679a6a commit 947acd2


4 files changed

+17
-7
lines changed


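--- a/internal/core/constants.go
+++ b/internal/core/constants.go
@@ -30,6 +30,7 @@ const (
 CodeqlAnalyzeAction = "github/codeql-action/analyze@v3"
 CodeqlAutobuildAction = "github/codeql-action/autobuild@v3"
 
+DownloadSyftAction = "anchore/sbom-action/download-syft@v0.20.5"
 GolangciLintAction = "golangci/golangci-lint-action@v8"
 GoreleaserAction = "goreleaser/goreleaser-action@v6"
 MisspellAction = "reviewdog/action-misspell@v1"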
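Review bot: `DownloadSyftAction` pins a third-party action by tag (`@v0.20.5`), and a tag can be moved to different code after this commit is reviewed. The workflow change in this commit uses it in the release workflow, so whatever the tag resolves to runs alongside the release build. Pinning to the full commit SHA and keeping the version as a trailing comment closes that gap: `DownloadSyftAction = "anchore/sbom-action/download-syft@<full-commit-sha>" // v0.20.5`. The neighbouring constants also use tags, so this may be a project-wide convention to revisit; the const block starts and ends outside the hunk.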

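--- a/internal/ghworkflow/workflow_release.go
+++ b/internal/ghworkflow/workflow_release.go
@@ -26,6 +26,10 @@ func releaseWorkflow(cfg core.Configuration) {
 j.Steps[0].With = map[string]any{
 "fetch-depth": 0,
 }
+j.addStep(jobStep{
+Name: "Install syft",
+Uses: core.DownloadSyftAction,
+})
 j.addStep(jobStep{
 Name: "Generate release info",
 Run: makeMultilineYAMLString([]string{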
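Review bot: The new `Install syft` step passes no `With` block, so which syft release ends up on the runner is left to the action's default rather than chosen by this repository. The SBOM attached to a release is produced by that binary, so consider fixing the version explicitly, e.g. `With: map[string]any{"syft-version": "<pinned syft version>"},`, and keeping it in step with the syft that the nix shell provides. releaseWorkflow's body starts and ends outside this hunk, so whether anything later constrains the version cannot be seen here.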

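--- a/internal/goreleaser/goreleaser.yaml.tmpl
+++ b/internal/goreleaser/goreleaser.yaml.tmpl
@@ -16,9 +16,6 @@ archives:
 - {{ . }}
 {{- end }}
 
-checksum:
-name_template: "checksums.txt"
-
 builds:
 - binary: '{{ .binaryName }}'
 env:
@@ -46,9 +43,8 @@ builds:
 # Set the modified timestamp on the output binary to ensure that builds are reproducible.
 mod_timestamp: "{{`{{ .CommitTimestamp }}`}}"
 
-release:
-make_latest: true
-prerelease: auto
+checksum:
+name_template: "checksums.txt"
 
 {{- if .githubDomain }}
 github_urls:
@@ -57,5 +53,13 @@ github_urls:
 download: https://{{ .githubDomain.Host }}/
 {{- end }}
 
+release:
+make_latest: true
+prerelease: auto
+
+sboms:
+- id: archive
+artifacts: archive
+
 snapshot:
 version_template: "{{`{{ .Tag }}`}}-next"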
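Review bot: The new `sboms:` entry in the last hunk has no comment saying that it depends on an external tool, whereas the `mod_timestamp` setting earlier in the template is explained. Goreleaser runs syft for this section by default, so a release run on a machine without syft on PATH will presumably fail at this step. A one-line comment above the block would make the dependency visible to anyone editing the template: `# Requires syft on PATH (installed by the release workflow and the nix shell).`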

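--- a/internal/nix/nix-shell.go
+++ b/internal/nix/nix-shell.go
@@ -36,7 +36,8 @@ func RenderShell(cfg core.Configuration, sr golang.ScanResult, renderGoreleaserC
 packages = append(packages, "golangci-lint")
 }
 if renderGoreleaserConfig {
-packages = append(packages, "goreleaser")
+// syft is used by goreleaser to generate an SBOM
+packages = append(packages, "goreleaser", "syft")
 }
 runControllerGen := cfg.ControllerGen.Enabled.UnwrapOr(sr.KubernetesController)
 if runControllerGen {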
