elemental icon indicating copy to clipboard operation
elemental copied to clipboard

Published 20 hours ago verified publisher icon rancher

Software bill of materials (SBOM)

Open kkaempf opened this issue 1 year ago • 1 comments

(This is created as an elemental issue simply because we don't have a better place for Elemental (the product) )

Elemental Teal should be accompanied with a "Software Bill Of Materials" (SBOM) to document the software supply chain.

Apparently Kubewarden is using CLO Monitor to visualize their SBOM efforts.

  • reach out to Kubewarden team to learn about their SBOM efforts
  • create a document (github issue/epic) on how to implement this for Elemental Teal

kkaempf avatar Sep 02 '22 06:09 kkaempf

This is the PR that aded the sbom to kubewarden. Seems simple enough: https://github.com/kubewarden/kubewarden-controller/pull/246

Itxaka avatar Sep 02 '22 15:09 Itxaka

https://github.com/rancher/elemental-operator/pull/160 for github provided images on elemental-operator

Itxaka avatar Sep 06 '22 09:09 Itxaka

closing as done

kkaempf avatar Sep 20 '22 08:09 kkaempf

PR reverted: https://github.com/rancher/elemental-operator/pull/191

fgiudici avatar Oct 04 '22 07:10 fgiudici

Dont really understand why it could not find the command. Will try in a separate repo to see what is going on.

Itxaka avatar Oct 04 '22 07:10 Itxaka

Just for the record: https://fosdem.org/2023/schedule/event/sbom_key_ingredients/

kkaempf avatar Feb 14 '23 07:02 kkaempf