Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add support for pack download-sbom #125

Closed
ryanmoran opened this issue Feb 10, 2022 · 2 comments
Closed

Add support for pack download-sbom #125

ryanmoran opened this issue Feb 10, 2022 · 2 comments

Comments

@ryanmoran
Copy link
Member

Summary

The pack CLI supports a new command, download-sbom, that allows users to download the launch SBOM from a container image. We should include this in occam so that we can leverage it in our testing processes.

PR: buildpacks/pack#1351
@fg-j fg-j assigned fg-j and unassigned fg-j Feb 10, 2022
@fg-j
Copy link

fg-j commented Feb 10, 2022
edited
Loading

It seems like pack build --sbom-output-dir dumps the build, launch, and cache SBOMs into the specified output directory. This means there will be a way to access launch SBOM for a build once completing #126. Is supporting this separate command still worth doing?

For an example, try building this java sample app with the instructions from the README and add the --sbom-output-dir flag.

@ryanmoran
Copy link
Member Author

@fg-j If that's the case, then it makes sense to hold off on this until we have a situation that would require it.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@ryanmoran @fg-j