Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

apps: Add a flag to disable SBOM generation #334

Merged
merged 1 commit into from
May 16, 2024
Merged

apps: Add a flag to disable SBOM generation #334

merged 1 commit into from
May 16, 2024

Conversation

doanac
Copy link
Member

@doanac doanac commented May 15, 2024

No description provided.

@doanac doanac requested a review from vanmaegima May 15, 2024 20:36
@doanac
Copy link
Member Author

doanac commented May 15, 2024

@vanmaegima - this seems to work in my factory. You think this will work for the customer request?

mike-scott
mike-scott reviewed May 15, 2024
View reviewed changes
apps/build.sh
sbom_dst=/archive/sboms/${ct_base}/${ARCH}.spdx.json
mkdir -p $(dirname $sbom_dst)
syft ${ct_base}:$TAG-$ARCH -o spdx-json > $sbom_dst
if [ -z "$DISABLE_SBOM" ] ; then
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@doanac To implement this a user adds this to the params block of containers?

DISABLE_SBOM: "1"

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

yep. i'm testing that now

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

here it is disabled - https://app.foundries.io/factories/andy-corp/targets/77/
here it is enabled(default) - https://app.foundries.io/factories/andy-corp/targets/78/

@vanmaegima
Copy link
Member

@doanac If that is part of the containers block, would that impact platform builds as well? I remember preloaded apps inherit the block from containers, so it'd be good to understand the impact there. I believe the request here is to disable SBOMs for containers only, but I'll double check.

@doanac
Copy link
Member Author

doanac commented May 16, 2024

This only disables for containers. SBOM generation for Platform is done via Yocto - I'm not sure how you disable that.

@quaresmajose
Copy link
Member

quaresmajose commented May 16, 2024
edited
Loading

This only disables for containers. SBOM generation for Platform is done via Yocto - I'm not sure how you disable that.

The yocto SPDX can also be disabled but I don't see much benefit in doing it, in the kirkstone branch it also have negative side effects like reducing the sstate-cache reuse.

@vanmaegima
Copy link
Member

Disabling from Yocto is probably not necessary, thanks!

mike-scott
mike-scott approved these changes May 16, 2024
View reviewed changes
Copy link
Contributor

@mike-scott mike-scott left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@doanac
Copy link
Member Author

doanac commented May 16, 2024

rebased on master

@doanac doanac merged commit 5cfb4bc into foundriesio:master May 16, 2024
1 of 2 checks passed
@doanac doanac deleted the disable-syft branch May 16, 2024 18:54
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@vanmaegima vanmaegima vanmaegima approved these changes

@mike-scott mike-scott mike-scott approved these changes

@MrCry0 MrCry0 MrCry0 approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@doanac @vanmaegima @quaresmajose @MrCry0 @mike-scott