-
Spike
-
Resolution: Done
-
Major
-
None
-
None
-
None
-
image-builder-1
-
None
It turned out that the SBOMs generated by image builder need a few adjustments to produce reasonable outputs in RHTPA. This will also require re-architecting the implementation a bit.
Before jumping into the implementation, we need to redefine requirements from (potential) external stakeholders and ourselves.
Stakeholders to consider:
- Image Builder team
- ProdSec team
- RHTPA team
- Konflux team
- SBOMer team (optional)
Acceptance Criteria
- Key contacts are identified per stakeholder team.
- A document with a comprehensive requirements definition per stakeholder exists.
Requirements Doc
https://docs.google.com/document/d/1PvhuGG6oN9m1MLzqV3Uawx_vGJ3SRIDh8XFm2vy_uvQ/edit?tab=t.0
- depends on
-
HMS-9065 Determine points of contact for Image Builder SBOM stakeholders
-
- Closed
-
-
HMS-9180 Meet with ProdSec to determine their requirements for SBOMs
-
- Closed
-
-
HMS-9291 Meet with Konflux to determine their requirements for SBOMs
-
- Closed
-
-
HMS-9292 Meet with RHTPA to determine their requirements for SBOMs
-
- Closed
-
-
HMS-8767 [SBOM] Redefine and update the requirements Google Doc
-
- Closed
-