chore: enable SBOM and containerd support in Docker builds

matifali · matifali · commit 1dcf0dab2881 · 2025-03-08T00:10:24.000Z
Added SBOM (Software Bill of Materials) generation during Docker build to enhance traceability. Refer to Docker documentation on SBOM: docs.docker.com/build/metadata/attestations/sbom
Updated Docker build scripts to use BuildKit for provenance and SBOM support: docs.docker.com/build/metadata/attestations
Configured Docker daemon to support the Containerd snapshotter feature to improve performance: docs.docker.com/engine/storage/containerd
diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml
@@ -999,7 +999,7 @@ jobs:
           AC_CERTIFICATE_PASSWORD_FILE: /tmp/apple_cert_password.txt
 
       - name: Upload build artifacts
-        if: ${{ github.repository_owner == 'coder' }}
+        if: ${{ github.repository_owner == 'coder' && github.ref == 'refs/heads/main' }}
         uses: actions/upload-artifact@4cec3d8aa04e39d1a68397de0c4cd6fb9dce8ec1 # v4.6.1
         with:
           name: dylibs
