github/linuxkit
1
0
Fork 0
mirror of https://github.com/linuxkit/linuxkit.git synced 2026-04-05 00:33:08 +00:00
Code Issues Projects Releases Wiki Activity
Files
41cafa3cc34698cb6cb0ea12c8107fb06372e088
linuxkit/test/cases/000_build/050_sbom
History
Avi Deitcher 41cafa3cc3 bump runc to v1.3.0 and containerd to v2.1.4 (#4165) 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
2025-08-28 21:05:06 +03:00
..
package1
sbom support
2023-11-14 14:14:45 +02:00
package2
sbom support
2023-11-14 14:14:45 +02:00
README.md
sbom support
2023-11-14 14:14:45 +02:00
test.sh
sbom support
2023-11-14 14:14:45 +02:00
test.yml
bump runc to v1.3.0 and containerd to v2.1.4 (#4165)
2025-08-28 21:05:06 +03:00

README.md

SBoM Test

Test that SBoM gets generated and unified. This test does not launch the image, so it doesn't matter much that what is in it is runnable, only that it gets built.

This test uses local packages inside the directory, to ensure that we get a known and controlled SBoM.

How it works:

  1. Builds the packages in ./package1 and ./package2
  2. Builds the image in ./test.yml
  3. Checks that the image contains an SBoM in the expected location
  4. Checks that the SBoM contains at least some expected packages

To update

If you change the packages in ./package1 or ./package2, you will need to update the ./test.yml file to reflect the new versions.

  1. linuxkit pkg show-tag ./package1
  2. linuxkit pkg show-tag ./package2
  3. Update the onboot section of ./test.yml with the new versions
Reference in New Issue View Git Blame Copy Permalink