Open laurentsimon opened 2 years ago
SBOMs are one artifact that a build system may output, in addition to other binaries, tarballs, etc We should document this in the doc https://github.com/slsa-framework/slsa-github-generator/tree/main/internal/builders/generic
This may also work for generic containers. @asraa @ianlewis
@lumjjb Let's work on this together
For additional context, this is the branch that @mdeicas and I worked on: https://github.com/lumjjb/slsa-github-generator-go/blob/sbom/.github/workflows/slsa3_builder.yml
SBOMs are one artifact that a build system may output, in addition to other binaries, tarballs, etc We should document this in the doc https://github.com/slsa-framework/slsa-github-generator/tree/main/internal/builders/generic
This may also work for generic containers. @asraa @ianlewis
@lumjjb Let's work on this together