
MicroK8s is a small, fast, single-package Kubernetes for datacenters and the edge.
https://microk8s.io
Apache License 2.0

Can we have an SBOM for MicroK8s #3432

Closed ktsakalozos closed 2 weeks ago

ktsakalozos commented 1 year ago

Summary

"A “software bill of materials” (SBOM) has emerged as a key building block in software security and software supply chain risk management. A SBOM is a nested inventory, a list of ingredients that make up software components." from https://www.cisa.gov/sbom

See also https://www.linuxfoundation.org/tools/the-state-of-software-bill-of-materials-sbom-and-cybersecurity-readiness/

Could/should we have one for MicroK8s?

Why is this important?

This is used for security review and for cross-checking the licenses of the libraries used.

stale[bot] commented 1 year ago

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.

neoaggelos commented 1 year ago

Although it is not a complete SBOM, starting from MicroK8s version 1.28.0 we now include a bom.json file along with each release. Here is an example of what this file might look like:

{
  "microk8s": {
    "version": "master",
    "revision": "bd1dfeae99c7100fdea81c4c26cfc312347271d4"
  },
  "tools": {
    "go": [
      "go version go1.20.7 linux/amd64"
    ],
    "gcc": [
      "gcc (Ubuntu 9.4.0-1ubuntu1~20.04.1) 9.4.0",
      "Copyright (C) 2019 Free Software Foundation, Inc.",
      "This is free software; see the source for copying conditions.  There is NO",
      "warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE."
    ],
    "python": [
      "Python 3.8.10 (default, May 26 2023, 14:05:08) ",
      "[GCC 9.4.0]"
    ],
    "python-requirements": [
      "attrs==23.1.0",
      "certifi==2019.11.28",
      "chardet==3.0.4",
      "Click==7.0",
      "colorama==0.4.3",
      "cryptography==2.8",
      "idna==2.8",
      "jsonschema==4.0.0",
      "netifaces==0.10.9",
      "pyOpenSSL==19.0.0",
      "pyrsistent==0.19.3",
      "python-dateutil==2.7.3",
      "PyYAML==6.0.1",
      "requests==2.22.0",
      "six==1.14.0",
      "urllib3==1.25.8"
    ]
  },
  "components": {
    "cluster-agent": {
      "repository": "https://github.com/canonical/microk8s-cluster-agent",
      "version": "main",
      "revision": "b02728cf1617c0de4f61c7ec99c824e6474fbf21",
      "patches": [],
      "strict-patches": []
    },
    "cni": {
      "repository": "https://github.com/containernetworking/plugins",
      "version": "v1.2.0",
      "revision": "b0a231fe6eab541b10ba4e3663fbbbf8d15318be",
      "patches": [
        "0001-single-entrypoint-for-cni-tools.patch"
      ],
      "strict-patches": []
    },
    "containerd": {
      "repository": "https://github.com/containerd/containerd",
      "version": "v1.6.15",
      "revision": "d60e15325ebd566c61924341ebaab7119d85f001",
      "patches": [
        "0001-microk8s-sideload-images-plugin.patch"
      ],
      "strict-patches": []
    },
    "dqlite": {
      "repository": "https://github.com/canonical/dqlite",
      "version": "v1.14.0",
      "revision": "86ac733f42e0eb140c7ee3e7516c814516979d26",
      "patches": [],
      "strict-patches": []
    },
    "dqlite-client": {
      "repository": "https://github.com/canonical/go-dqlite",
      "version": "v1.11.7",
      "revision": "7d04094a32ae2afb880086c9c6acf985c779c1b1",
      "patches": [],
      "strict-patches": []
    },
    "etcd": {
      "repository": "https://github.com/etcd-io/etcd",
      "version": "v3.5.5",
      "revision": "19002cfc689fba2b8f56605e5797bf79f8b61fdd",
      "patches": [],
      "strict-patches": []
    },
    "flannel-cni-plugin": {
      "repository": "https://github.com/flannel-io/cni-plugin",
      "version": "v1.1.2",
      "revision": "18a3027e7d03feeb6ecdfdbc3bf254a8c8b38b04",
      "patches": [],
      "strict-patches": []
    },
    "flanneld": {
      "repository": "https://github.com/flannel-io/flannel",
      "version": "v0.21.2",
      "revision": "cf38e32c800c6bc16ca9fed94a345a6a103626f8",
      "patches": [
        "0001-disable-udp-backend.patch"
      ],
      "strict-patches": []
    },
    "helm": {
      "repository": "https://github.com/helm/helm",
      "version": "v3.9.1",
      "revision": "be959456ffe1194deb5261a26fba51f8ea149e73",
      "patches": [
        "0001-disable-warnings-for-kubeconfig-permissions.patch"
      ],
      "strict-patches": []
    },
    "k8s-dqlite": {
      "repository": "https://github.com/canonical/k8s-dqlite",
      "version": "MK-1303/k8s-dqlite",
      "revision": "69188fb9c3d36dc308e47d17f0eef90298866c16",
      "patches": [],
      "strict-patches": []
    },
    "kubernetes": {
      "repository": "https://github.com/kubernetes/kubernetes",
      "version": "v1.28.0",
      "revision": "b0794f8d3be75f9bc6199d21ebba08174168e34b",
      "patches": [
        "0000-Kubelite-integration.patch",
        "0001-Set-log-reapply-handling-to-ignore-unchanged.patch"
      ],
      "strict-patches": []
    },
    "migrator": {
      "repository": "https://github.com/canonical/go-migrator",
      "version": "master",
      "revision": "359c134a461da7cd447bbaeea1064218dcb857c7",
      "patches": [],
      "strict-patches": []
    },
    "raft": {
      "repository": "https://github.com/canonical/raft",
      "version": "v0.17.1",
      "revision": "80489bb3b2dd72b2380527e2012751ec833ad513",
      "patches": [],
      "strict-patches": []
    },
    "runc": {
      "repository": "https://github.com/opencontainers/runc",
      "version": "v1.1.4",
      "revision": "5fd4c4d144137e991c4acebb2146ab1483a97925",
      "patches": [],
      "strict-patches": [
        "0001-apparmor-change-profile-immediately-not-on-exec.patch",
        "0002-setns_init_linux-set-the-NNP-flag-after-changing-the.patch",
        "0003-standard_init_linux-change-AppArmor-profile-as-late-.patch"
      ]
    },
    "sqlite": {
      "repository": "https://github.com/sqlite/sqlite",
      "version": "version-3.33.0",
      "revision": "ef215fbf3b581ef4e0273bb3932fa522af88fd7e",
      "patches": [],
      "strict-patches": []
    }
  },
  "addons": {
    "community": {
      "repository": "https://github.com/canonical/microk8s-community-addons",
      "version": "main",
      "revision": "80fea0bb462fdabf4470cb8903aad7095665056a"
    },
    "core": {
      "repository": "https://github.com/canonical/microk8s-core-addons",
      "version": "main",
      "revision": "900315e2820aa0b424095dc988a7955f5cb47f76"
    }
  }
}
stale[bot] commented 1 month ago

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.