Skip to content

Commit 303288c

Browse files
ThomasK33EdwardAngert
ThomasK33
authored and
EdwardAngert
committed
chore: replace colons in SBOM filename for Docker image attestation (#16914)
This PR fixes an issue in the Docker build script where the SBOM file path used the image tag directly, which could contain colons. Since colons are not valid characters in filenames on many filesystems, this replaces colons with underscores in the output filename. Change-Id: I887f4fc255d9bfa19b6c5d23ad0a5db7352aa2af Signed-off-by: Thomas Kosiewski <tk@coder.com>
1 parent 22bfce0 commit 303288c

File tree

1 file changed

+2
-2
lines changed

1 file changed

+2
-2
lines changed

scripts/build_docker.sh

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -154,14 +154,14 @@ if [[ "$push" == 1 ]]; then
154154
fi
155155

156156
log "--- Generating SBOM for Docker image ($image_tag)"
157-
syft "$image_tag" -o spdx-json >"${image_tag}.spdx.json"
157+
syft "$image_tag" -o spdx-json >"${image_tag//:/_}.spdx.json"
158158

159159
if [[ "$push" == 1 ]]; then
160160
log "--- Attesting SBOM to Docker image for $arch ($image_tag)"
161161
COSIGN_EXPERIMENTAL=1 cosign clean "$image_tag"
162162

163163
COSIGN_EXPERIMENTAL=1 cosign attest --type spdxjson \
164-
--predicate "${image_tag}.spdx.json" \
164+
--predicate "${image_tag//:/_}.spdx.json" \
165165
--yes \
166166
"$image_tag"
167167
fi

0 commit comments

Comments
 (0)