Commit

Add sbom section to the security insights file (kubernetes-sigs#2443)
* Add sbom section to the security insights file

* docs: Add SBOM file update to release checklist

* docs: Remove separate item on the NEW RELEASE checklist about SBOM and add it to the existing item covering that file
mwysokin authored Jun 21, 2024
1 parent f7bbc79 commit 580f9b5
Showing 2 changed files with 4 additions and 1 deletion.
2 changes: 1 addition & 1 deletion .github/ISSUE_TEMPLATE/NEW_RELEASE.md
Expand Up @@ -54,7 +54,7 @@ Please do not remove items from the checklist
- Release notes in the `CHANGELOG`
- `version` in `site/config.toml`
- `appVersion` in `charts/kueue/Chart.yaml`
- `last-updated`, `last-reviewed`, `commit-hash`, `project-release`, and `distribution-points` in `SECURITY-INSIGHTS.yaml`
- `last-updated`, `last-reviewed`, `commit-hash`, `project-release`, `distribution-points` and `sbom-file` in `SECURITY-INSIGHTS.yaml`
- [ ] For a major or minor release, prepare the repo for the next version:
- [ ] create an unannotated _devel_ tag in the
`main` branch, on the first commit that gets merged after the release
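
Review bot: The updated checklist line adds `sbom-file` to the list of fields but does not say that its value is a versioned release URL, so whoever runs the checklist has to know the version appears twice in it (in the tag path and in the file name, as in `.../download/v0.7.0/kueue-v0.7.0.spdx.json`). Consider stating that in the item, and noting that the link only resolves once the SBOM asset is attached to the release. Minor style point: the previous wording had a serial comma before the last field (`project-release`, and `distribution-points`) and the new line drops it.
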
3 changes: 3 additions & 0 deletions SECURITY-INSIGHTS.yaml
Expand Up @@ -61,3 +61,6 @@ dependencies:
third-party-packages: true
dependencies-lists:
- 'https://github.com/kubernetes-sigs/kueue/blob/main/go.mod'
sbom:
- sbom-file: https://github.com/kubernetes-sigs/kueue/releases/download/v0.7.0/kueue-v0.7.0.spdx.json
sbom-format: SPDX
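
Review bot: The `sbom-file` URL hard-codes `v0.7.0` in both the release tag and the asset name, and nothing in this change ties it to the `project-release` field of the same file, so a missed manual bump leaves consumers pointed at the previous release's SBOM with no error. Consider a release-time check that the version in `sbom-file` matches `project-release` and that the URL actually resolves to a published asset.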
