diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 75843bb..1dfe776 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -73,3 +73,13 @@ jobs: appVersion: ${{ needs.create-version.outputs.version }} repoName: virtual-workspaces commit: ${{ github.sha }} + + scan-sbom: + needs: [create-version, docker-build-push, sbom, image-ocm] + uses: platform-mesh/.github/.github/workflows/job-trivy-sbom.yml@05d96c3fb19e6283463369b857449f9440aba7dd # main + permissions: + contents: read + packages: read + security-events: write + with: + componentVersion: ${{ needs.create-version.outputs.version }}