From 5985600ea904caf09f4d48e9a79ba94c715c201f Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Marko=20Mudrini=C4=87?=
Date: Mon, 22 Jun 2026 13:47:10 +0200
Subject: [PATCH] Add SBOM scanning with Trivy
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
On-behalf-of: @SAP marko.mudrinic@sap.com
Signed-off-by: Marko Mudrinić
---
 .github/workflows/release.yml | 10 ++++++++++
 1 file changed, 10 insertions(+)
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index 75843bb..1dfe776 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -73,3 +73,13 @@ jobs:
 appVersion: ${{ needs.create-version.outputs.version }}
 repoName: virtual-workspaces
 commit: ${{ github.sha }}
+
+ scan-sbom:
+ needs: [create-version, docker-build-push, sbom, image-ocm]
+ uses: platform-mesh/.github/.github/workflows/job-trivy-sbom.yml@05d96c3fb19e6283463369b857449f9440aba7dd # main
+ permissions:
+ contents: read
+ packages: read
+ security-events: write
+ with:
+ componentVersion: ${{ needs.create-version.outputs.version }}
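Review bot: `scan-sbom` lists `docker-build-push` and `image-ocm` in `needs`, so it can only start after those jobs finish; if they publish the image and component (their bodies are outside this hunk), a finding from the scan cannot stop the release and the job is report-only. If that is intended, say so above the job, e.g. `# Post-publish SBOM scan: reports findings, does not gate the release`; if it is meant as a gate, the publishing step would need to depend on it instead. A short comment on `security-events: write` stating why it is needed (presumably the called workflow uploads results to code scanning) would help a later reviewer keep the permissions minimal. The `# main` note after the pinned SHA names a branch rather than a release, so it does not say which revision of the reusable workflow was reviewed when the pin was made.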