Skip to content

Merge SBOM CI pipelines into main #219

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
j-chmielewski merged 7 commits into from
Sep 30, 2025
Merged

Merge SBOM CI pipelines into main #219

j-chmielewski merged 7 commits into from
Sep 30, 2025

Conversation

@j-chmielewski
Copy link
Contributor

@j-chmielewski j-chmielewski commented Sep 30, 2025

No description provided.

wojcik91 and others added 7 commits September 15, 2025 19:59
@wojcik91
Merge pull request #211 from DefGuard/release_1.5_merger
52a7cbe 
Release 1.5 merger
@j-chmielewski
Fixes pentest issue DG25-29 from 2025-09-02 (#212)
e9a36e4 
* bump defguard-wireguard-rs dependency to v0.7.7
* cargo update
@j-chmielewski
Merge pull request #215 from DefGuard/main
14376a6 
Merge main into dev after 1.5.1 release
@j-chmielewski
Create SBOM files (#216)
82a5f5c 
* implement sbom workflow

* fix asset name

* spdx format

* depend on build-docker-release instead of prerelease

* test self-hosted runner

* uncomment build steps

* test on prerelease

* use aws docker image to avoid limits

* uncomment binary builds

* use shogo82148/actions-upload-release-asset upload action

* fix trivy action version

* uncomment binary build
@j-chmielewski
CI: scan code with trivy (#217)
26bcdc2 
* CI: scan code with trivy

* bump trivy action version

* include low severity vulns in sbom
@j-chmielewski
Periodic sbom regeneration (#218)
aacbc19 
* periodic sbom regeneration test

* regenerate on push to branch

* run on ubuntu-latest

* try to get uploadUrl with "gh api" command

* limit to 3 latest releases

* only published releases

* test periodic sbom generation for latest releases

* add step id

* run sbom generation on linux

* test cron trigger

* test sbom files re-upload

* (re)generate advisories files

* cleanup, last 3 releases

* comments

* only generate sboms and advisories for the latest release
@j-chmielewski
only generate sbom for full releases
509a543
@j-chmielewski j-chmielewski merged commit 5f6187d into main Sep 30, 2025
2 checks passed
@j-chmielewski j-chmielewski deleted the sbom-into-main branch September 30, 2025 08:35
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@moubctez moubctez moubctez approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@j-chmielewski @moubctez @wojcik91