Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Upgrade TemurinGenSBOM to use CycloneDX v9.0.5 spec 1.0.6 #3985

Merged
merged 29 commits into from
Nov 8, 2024

Conversation

andrew-m-leonard
Copy link
Contributor

@andrew-m-leonard andrew-m-leonard commented Oct 10, 2024

  • Upgrade to CycloneDX v9.0.5 spec 1.0.6 to support the new CycloneDX Attestations (CDXA) documents
  • Resolve issue with SBOM dependency jar versioning with the https://ci.adoptium.net/view/all/job/build.getDependency/ job
  • Allow local dependency cache dir, to allow jars to be pre-installed by ansible.... Added new --local-dependency-cache-dir build arg

Fixes #3970

@andrew-m-leonard andrew-m-leonard self-assigned this Oct 10, 2024
@github-actions github-actions bot added the testing Issues that enhance or fix our test suites label Oct 10, 2024
@andrew-m-leonard andrew-m-leonard marked this pull request as draft October 11, 2024 08:22
@andrew-m-leonard andrew-m-leonard marked this pull request as ready for review November 1, 2024 10:28
Copy link
Contributor

@adamfarley adamfarley left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@andrew-m-leonard andrew-m-leonard marked this pull request as draft November 4, 2024 09:26
@github-actions github-actions bot added the documentation Issues that request updates to our documentation label Nov 6, 2024
@andrew-m-leonard andrew-m-leonard marked this pull request as ready for review November 6, 2024 15:36
@andrew-m-leonard andrew-m-leonard requested a review from sxa November 6, 2024 15:37
sbin/build.sh Show resolved Hide resolved
sbin/build.sh Show resolved Hide resolved
sbin/build.sh Show resolved Hide resolved
@adamfarley adamfarley self-requested a review November 7, 2024 11:09
Copy link
Contributor

@adamfarley adamfarley left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@github-actions github-actions bot added the ansible Issues related to our ansible playbooks in the infrastructure repo label Nov 8, 2024
@andrew-m-leonard andrew-m-leonard requested a review from sxa November 8, 2024 10:18
@andrew-m-leonard
Copy link
Contributor Author

Raised infrastructure issue for ansible update to download local cache of jars: adoptium/infrastructure#3806

@andrew-m-leonard andrew-m-leonard merged commit 229d5b0 into adoptium:master Nov 8, 2024
28 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
ansible Issues related to our ansible playbooks in the infrastructure repo documentation Issues that request updates to our documentation testing Issues that enhance or fix our test suites
Projects
None yet
Development

Successfully merging this pull request may close these issues.

Upgrade temurin-build/cyclonedx-lib build to use cyclonedx-core-java latest "1.6 spec" release
3 participants