UNCLASSIFIED - NO CUI

Skip to content

Resolve "Add syft json to cosign attestation"

Tim Seagren requested to merge 703-attest-syft-json-sbom into master

Merge Request Description

This MR re-adds the Syft JSON-formatted SBOM as an attestation layer to allow the scan-logic stage to succeed again.

Additionally adds a parameter to the generate_sbom function to enable configuring the name.

Merge Request BOE

Risk

Low risk, it's a small change and the scan-logic stage is broken already because this isn't in place yet.

Rollback Plan

Testing

Tested in Zelda

Closes #703 (closed)

Merge request reports