docker-claude e6b46087b3
Some checks failed
Build images / check-docker (push) Successful in 3s
Build images / scan (push) Failing after 46s
Build images / build-and-push (push) Has been skipped
feat(ci): generate SBOMs in scan job and attach attestations on push
Scan job: run Trivy before the security gate to emit a CycloneDX SBOM
for each image (exit-code 0), then run the HIGH/CRITICAL gate as before.
SBOMs are uploaded as a pipeline artifact (90-day retention) with
if: always() so they're available even when the security gate fails.

Build job: add sbom: true and provenance: true to both build-push steps
so BuildKit attaches SBOM and provenance attestations to the image
manifest in the registry.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-16 11:59:24 +02:00
workflows feat(ci): generate SBOMs in scan job and attach attestations on push 2026-04-16 11:59:24 +02:00