
SBOM generation#201

Merged
printminion-co merged 1 commit into ionos-dev from tl/dev/sbom-generation on Sep 1, 2025

Conversation

@thlehmann-ionos

SBOM generation using @printminion-co's matrix approach plus applied feedback from the 1:1 discussion to create individual components per artifact type instead of merging them. Reasoning: easier to find, avoids confusion when Composer and NPM have the same name.

Applied feedback:

  • matrix approach
  • defining component version and on-the-fly creation of components via API
  • artifact types are uploaded as individual SBOMs
  • all SBOMs use the same parent (new repo var added)
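The upload step this design implies, as an added example that is not code from the PR or the nc-server repository: one project name per (component, artifact type) pair so Composer and NPM SBOMs never collide, created on the fly under a shared parent. It assumes Dependency-Track's `PUT /api/v1/bom` multipart upload with `autoCreate`, `parentName` and `parentVersion` (available in recent releases), and assumed variable names `DT_URL`, `DT_API_KEY`, `SBOM_PARENT_NAME`, `SBOM_PARENT_VERSION` rather than the repo's actual names.

```shell
#!/bin/sh
# Added example, not the PR's workflow. Assumed environment: DT_URL, DT_API_KEY,
# SBOM_PARENT_NAME, SBOM_PARENT_VERSION (the "repo var" for the shared parent).
set -e

# Dependency-Track project name for one (component, artifact type) pair.
# Suffixing the artifact type keeps e.g. "server-composer" and "server-npm"
# as separate projects instead of merging both into "server".
sbom_project_name() {
    component="$1"      # e.g. "server" or an app name (constructed input)
    artifact_type="$2"  # "composer" or "npm"
    case "$artifact_type" in
        composer|npm) ;;
        *) echo "unsupported artifact type: $artifact_type" >&2; return 1 ;;
    esac
    printf '%s-%s\n' "$component" "$artifact_type"
}

# Path the generator step is expected to have written for that pair
# (layout is an assumption of this example).
sbom_file_for() {
    printf 'sbom/%s.cdx.json\n' "$(sbom_project_name "$1" "$2")"
}

# Upload one SBOM. autoCreate=true creates the child project on first
# upload; parentName/parentVersion hang it off the shared parent so every
# per-artifact project of the repository is grouped under one node.
upload_sbom() {
    component="$1"; artifact_type="$2"; version="$3"
    name="$(sbom_project_name "$component" "$artifact_type")"
    file="$(sbom_file_for "$component" "$artifact_type")"
    [ -s "$file" ] || { echo "missing or empty SBOM: $file" >&2; return 1; }
    curl --fail --silent --show-error -X PUT "${DT_URL:?DT_URL not set}/api/v1/bom" \
        -H "X-Api-Key: ${DT_API_KEY:?DT_API_KEY not set}" \
        -F "autoCreate=true" \
        -F "projectName=$name" \
        -F "projectVersion=$version" \
        -F "parentName=${SBOM_PARENT_NAME:?}" \
        -F "parentVersion=${SBOM_PARENT_VERSION:?}" \
        -F "bom=@$file"
}

# In a matrix job each runner calls this once for its own pair, e.g.:
#   upload_sbom "$MATRIX_COMPONENT" "$MATRIX_ARTIFACT_TYPE" "$GITHUB_SHA"
```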


@thlehmann-ionos thlehmann-ionos force-pushed the tl/dev/sbom-generation branch 2 times, most recently from 0a228fe to 7edbadb Compare August 13, 2025 11:40
@thlehmann-ionos
Author

Review feedback applied. Dummy change for DEMO moved to own branch tl/dev/sbom-generation-DEMO.

Pipeline: https://github.com/IONOS-Productivity/nc-server/actions?query=branch%3Atl%2Fdev%2Fsbom-generation-DEMO

@printminion-co printminion-co marked this pull request as ready for review August 14, 2025 08:23

@printminion-co printminion-co left a comment


review ok
if proposed changes accepted


Co-Authored-By: Thomas Lehmann <t.lehmann@strato.de>
Signed-off-by: Misha M.-Kupriyanov <kupriyanov@strato.de>

Copilot AI left a comment


Pull Request Overview

This PR implements SBOM (Software Bill of Materials) generation using a matrix approach to create individual components per artifact type. The workflow generates separate SBOMs for PHP (Composer) and JavaScript (NPM) dependencies and uploads them to Dependency Track for vulnerability scanning.

  • Matrix-based parallel processing of multiple Nextcloud components and apps
  • Separate SBOM generation for Composer and NPM dependencies per component
  • Integration with Dependency Track for automated vulnerability analysis


@printminion-co printminion-co merged commit 840fb85 into ionos-dev Sep 1, 2025
4 of 6 checks passed
@printminion-co printminion-co deleted the tl/dev/sbom-generation branch September 1, 2025 13:18