Creating SBOM #17622
Assignees
Labels
kind/requirement
New feature or idea on top of harbor
Comments
|
Seeing that there are ideas to leverage the Cosign specification to attach SBOM images, maybe this would be a nice case of dogfooding: |
|
Hello, I'd like to help with this. Where can I start? |
|
@wy65701436 we have to close this when we have 2.10 out :) |
|
2,10 is out is this still relevant? |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Hi team,
we need a way to create SBOM for Harbor and have it statically created or to attach it with each release
Here is why: https://clomonitor.io/docs/topics/checks/#software-bill-of-materials-sbom
we need to be compliant on 100%
I think we can use something like the Kubernetes BOM tool: https://github.com/kubernetes-sigs/bom
or something else!
Orlix
The text was updated successfully, but these errors were encountered: