search

openSUSE / obs-build

OBS build script, can be used with OBS or stand alone
GNU General Public License v2.0
130 stars 181 forks source link

Mkosi generate SBOM support using finalize script #1007

Open cschneemann opened 1 month ago

cschneemann commented 1 month ago

Tested with mkosi 22.

If Buildflag sbom is set a mkosi.finaliz script is created in a mkosi.conf.d subdirectory to not overwrite possible existent scripts and will be called at the end to call generate_sbom before mkosi creates the image.

The used version needs to support configuration dir feature and multiple scripts of same name (mkosi v18)

Mkosi builds in using tmpfs and other security features and removes everything after building, so it is not possible to call generate_sbom after mkosi run on the buildroot.

Content of /.build needs to be copied into a place under /usr because most host directories are hidden from mkosi (introduced in mkosi v20)

The name for the spdx profileis set by the ImageID of mkosi.conf. Default is image if not set.

cschneemann commented 1 month ago

@gollub thank you.. typos fixed