From 44251b10894d54c826d38f5ce4ac86f0a5a7bff8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marko=20Mudrini=C4=87?= Date: Mon, 22 Jun 2026 14:11:19 +0200 Subject: [PATCH] Add SBOM scanning with Trivy MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit On-behalf-of: @SAP marko.mudrinic@sap.com Signed-off-by: Marko Mudrinić --- .github/workflows/release.yml | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 77854795..d1012922 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -74,3 +74,13 @@ jobs: appVersion: ${{ needs.create-version.outputs.version }} repoName: security-operator commit: ${{ github.sha }} + + scan-sbom: + needs: [create-version, docker-build-push, sbom, image-ocm] + uses: platform-mesh/.github/.github/workflows/job-trivy-sbom.yml@05d96c3fb19e6283463369b857449f9440aba7dd # main + permissions: + contents: read + packages: read + security-events: write + with: + componentVersion: ${{ needs.create-version.outputs.version }}