fix sbom generation

Signed-off-by: Alex Goodman <[email protected]>
anchore · Apr 23, 2024 · 0dd846d · 0dd846d
1 parent 77b3e97
commit 0dd846d
Show file tree

Hide file tree

Showing 4 changed files with 9 additions and 8 deletions.
diff --git a/.binny.yaml b/.binny.yaml
@@ -12,6 +12,7 @@ tools:
         - -X main.gitDescription={{ .Version }}
         # note: sprig functions are available: http://masterminds.github.io/sprig/
         - -X main.buildDate={{ now | date "2006-01-02T15:04:05Z07:00" }}
+
   - name: binny
     version:
       want: v0.6.2
@@ -57,14 +58,14 @@ tools:
   # used for signing the checksums file at release
   - name: cosign
     version:
-      want: v2.2.3
+      want: v2.2.4
     method: github-release
     with:
       repo: sigstore/cosign
 
   - name: goreleaser
     version:
-      want: v1.21.1
+      want: v1.25.1
     method: github-release
     with:
       repo: goreleaser/goreleaser
@@ -78,7 +79,7 @@ tools:
 
   - name: bouncer
     version:
-      want: v0.1.0
+      want: v0.4.0
     method: github-release
     with:
       repo: wagoodman/go-bouncer
@@ -92,7 +93,7 @@ tools:
 
   - name: syft
     version:
-      want: v0.95.0
+      want: v1.2.0
     method: github-release
     with:
       repo: anchore/syft
diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml
@@ -47,8 +47,8 @@ jobs:
     permissions:
       contents: write
       packages: write
-      issues: read
-      pull-requests: read
+      # required for goreleaser signs section with cosign
+      id-token: write
     steps:
       - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 #v4.1.1
         with:

diff --git a/.goreleaser.yaml b/.goreleaser.yaml
@@ -42,7 +42,6 @@ builds:
           env:
             - QUILL_LOG_FILE=/tmp/quill-{{ .Target }}.log
 
-
 archives:
   - id: linux-archives
     builds:

diff --git a/Taskfile.yaml b/Taskfile.yaml
@@ -56,6 +56,7 @@ tasks:
       - "{{ .TOOL_DIR }}/chronicle"
       - "{{ .TOOL_DIR }}/glow"
       - "{{ .TOOL_DIR }}/goreleaser"
+      - "{{ .TOOL_DIR }}/bouncer"
     status:
       - "{{ .TOOL_DIR }}/binny check -v"
     cmd: "{{ .TOOL_DIR }}/binny install -v"
@@ -141,7 +142,7 @@ tasks:
       - cmd: "mkdir -p {{ .TMP_DIR }}"
         silent: true
       - cmd: |
-          cat .goreleaser.yaml >> {{ .TMP_DIR }}/goreleaser.yaml
+          cat .goreleaser.yaml > {{ .TMP_DIR }}/goreleaser.yaml
           echo "dist: {{ .SNAPSHOT_DIR }}" >> {{ .TMP_DIR }}/goreleaser.yaml
       - cmd: "{{ .TOOL_DIR }}/goreleaser release --clean --skip=publish --skip=sign --snapshot --config {{ .TMP_DIR }}/goreleaser.yaml"
-Original file line number
+Diff line change
@@ Expand Up / @@ -42,7 +42,6 @@ builds: @@
               env:
                 - QUILL_LOG_FILE=/tmp/quill-{{ .Target }}.log
     archives:
       - id: linux-archives
         builds:
@@ Expand Down @@