search

openSUSE / obs-build

OBS build script, can be used with OBS or stand alone
GNU General Public License v2.0
133 stars 188 forks source link

Mkosi generate SBOM support using finalize script #1007

Open cschneemann opened 6 months ago

cschneemann commented 6 months ago

Tested with mkosi 22.

If Buildflag sbom is set a mkosi.finaliz script is created in a mkosi.conf.d subdirectory to not overwrite possible existent scripts and will be called at the end to call generate_sbom before mkosi creates the image.

The used version needs to support configuration dir feature and multiple scripts of same name (mkosi v18)

Mkosi builds in using tmpfs and other security features and removes everything after building, so it is not possible to call generate_sbom after mkosi run on the buildroot.

Content of /.build needs to be copied into a place under /usr because most host directories are hidden from mkosi (introduced in mkosi v20)

The name for the spdx profileis set by the ImageID of mkosi.conf. Default is image if not set.

cschneemann commented 6 months ago

@gollub thank you.. typos fixed