github/linuxkit
1
0
Fork 0
mirror of https://github.com/linuxkit/linuxkit.git synced 2025-09-18 16:35:29 +00:00
Code Issues Projects Releases Wiki Activity
Files
master
linuxkit/test/cases/000_build/050_sbom
History

README.md

SBoM Test

Test that SBoM gets generated and unified. This test does not launch the image, so it doesn't matter much that what is in it is runnable, only that it gets built.

This test uses local packages inside the directory, to ensure that we get a known and controlled SBoM.

How it works:

  1. Builds the packages in ./package1 and ./package2
  2. Builds the image in ./test.yml
  3. Checks that the image contains an SBoM in the expected location
  4. Checks that the SBoM contains at least some expected packages

To update

If you change the packages in ./package1 or ./package2, you will need to update the ./test.yml file to reflect the new versions.

  1. linuxkit pkg show-tag ./package1
  2. linuxkit pkg show-tag ./package2
  3. Update the onboot section of ./test.yml with the new versions