You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@camel.apache.org by "claudio4j (via GitHub)" <gi...@apache.org> on 2023/05/30 15:17:07 UTC

[GitHub] [camel-k] claudio4j opened a new issue, #4430: SBOM for Camel K

claudio4j opened a new issue, #4430:
URL: https://github.com/apache/camel-k/issues/4430

   There is a growing demand for projects to ship [SBOM](https://www.aquasec.com/cloud-native-academy/supply-chain-security/sbom/) and Camel K and Camel K Runtime are missing these manifests.
   [Camel](https://github.com/apache/camel/tree/main/camel-sbom) and [Camel Quarkus](https://github.com/apache/camel-quarkus/tree/main/camel-quarkus-sbom) already delivers those manifests.
   
   The original [Camel Quarkus discussion](https://github.com/apache/camel-quarkus/pull/4461) about adding sbom.
   
   Camel K currently delivers the `kamel` CLI and the `camel-k-operator` while consumes camel and camel-quarkus artifacts.
   Camel K can leverage camel quarkus sbom or should we create the sbom based only on [camel-k catalog](https://github.com/apache/camel-k/blob/main/resources/camel-catalog-2.16.0-SNAPSHOT.yaml) ?
   
   So I am opening this issue to gather more information about it and 
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: commits-unsubscribe@camel.apache.org.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [camel-k] claudio4j commented on issue #4430: SBOM for Camel K

Posted by "claudio4j (via GitHub)" <gi...@apache.org>.

claudio4j commented on issue #4430:
URL: https://github.com/apache/camel-k/issues/4430#issuecomment-1568763392

   Sure, thanks.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: commits-unsubscribe@camel.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [camel-k] oscerd closed issue #4430: SBOM for Camel K

Posted by "oscerd (via GitHub)" <gi...@apache.org>.

oscerd closed issue #4430: SBOM for Camel K
URL: https://github.com/apache/camel-k/issues/4430


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: commits-unsubscribe@camel.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [camel-k] oscerd commented on issue #4430: SBOM for Camel K

Posted by "oscerd (via GitHub)" <gi...@apache.org>.

oscerd commented on issue #4430:
URL: https://github.com/apache/camel-k/issues/4430#issuecomment-1568632426

   We could add SBOM generation for the runtime. We could also add the go cyclone dx plugin to generate a go based SBOM for camel K.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: commits-unsubscribe@camel.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [camel-k] oscerd commented on issue #4430: SBOM for Camel K

Posted by "oscerd (via GitHub)" <gi...@apache.org>.

oscerd commented on issue #4430:
URL: https://github.com/apache/camel-k/issues/4430#issuecomment-1568745195

   I'm going to work on this, if you don't mind.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: commits-unsubscribe@camel.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [camel-k] oscerd commented on issue #4430: SBOM for Camel K

Posted by "oscerd (via GitHub)" <gi...@apache.org>.

oscerd commented on issue #4430:
URL: https://github.com/apache/camel-k/issues/4430#issuecomment-1569890816

   It should be solved now.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: commits-unsubscribe@camel.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [camel-k] oscerd commented on issue #4430: SBOM for Camel K

Posted by "oscerd (via GitHub)" <gi...@apache.org>.

oscerd commented on issue #4430:
URL: https://github.com/apache/camel-k/issues/4430#issuecomment-1568646226

   https://github.com/CycloneDX/cyclonedx-gomod


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: commits-unsubscribe@camel.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [camel-k] oscerd commented on issue #4430: SBOM for Camel K

Posted by "oscerd (via GitHub)" <gi...@apache.org>.

oscerd commented on issue #4430:
URL: https://github.com/apache/camel-k/issues/4430#issuecomment-1569891641

   https://github.com/apache/camel-k/tree/main/camel-k-sbom


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: commits-unsubscribe@camel.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org