From e007152dd58dc7209b5c78dbdf0afe0a89e97d8a Mon Sep 17 00:00:00 2001 From: danjov Date: Fri, 8 Nov 2024 17:10:05 +0100 Subject: [PATCH] Explicitly set SPDX as SBOM format --- .github/workflows/pre-release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/pre-release.yml b/.github/workflows/pre-release.yml index 05f0915..b77a686 100644 --- a/.github/workflows/pre-release.yml +++ b/.github/workflows/pre-release.yml @@ -78,7 +78,7 @@ jobs: push-to-registry: true - name: Extract SBOM in SPDX format - run: docker buildx imagetools inspect ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} --format "{{ json .SBOM }}" > sbom.spdx.json + run: docker buildx imagetools inspect ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} --format "{{ json .SBOM.SPDX }}" > sbom.spdx.json - name: Generate SBOM attestation uses: actions/attest-sbom@v1