chore: add sbom workflow

Author: qevolg

.github/workflows/sbom.yml

@@ -0,0 +1,34 @@
+name: SBOM
+
+on:
+  pull_request:
+    branches: ["main", "3.0"]
+  release:
+    types: [published]
+
+permissions:
+  contents: write
+
+env:
+  SBOM_FILENAME: "${{ github.event.repository.name }}-sbom.cdx.json"
+
+jobs:
+  sbom:
+    name: Generate and Scan SBOM
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v6
+
+      - name: Create SBOM
+        uses: anchore/sbom-action@v0
+        with:
+          format: cyclonedx-json
+          output-file: "${{ env.SBOM_FILENAME }}"
+          artifact-name: "${{ env.SBOM_FILENAME }}"
+
+      - name: Scan SBOM
+        uses: anchore/scan-action@v7
+        with:
+          sbom: "${{ env.SBOM_FILENAME }}"
+          cache-db: true
+          output-format: "table"