feat: ajout pipeline SBOM (Syft + Trivy + Dependency-Track) · 66a843d502 - prestashop-test

feat: ajout pipeline SBOM (Syft + Trivy + Dependency-Track)

Some checks failed

ci/woodpecker/push/woodpecker Pipeline failed

Details

- sbom-generate : inventaire CycloneDX des images prestashop:8-apache et mariadb:10.11 via Syft
- sbom-scan : scan CVE depuis les SBOM via Trivy (cache /home/syoul/trivy-cache)
- sbom-publish : envoi vers dtrack.syoul.fr avec versioning date+commit SHA
- .gitignore : ajout /.reports/

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

This commit is contained in:

syoul

2026-03-19 16:51:43 +01:00

parent 4251638eca

commit 66a843d502

2 changed files with 53 additions and 1 deletions

3

.gitignore vendored

View File

@@ -2,4 +2,5 @@
 /docs-syoul
 /docs-sonic
 /plans
 .env
 .env
 /.reports/

feat: ajout pipeline SBOM (Syft + Trivy + Dependency-Track) Some checks failed ci/woodpecker/push/woodpecker Pipeline failed Details

3 .gitignore vendored Unescape Escape View File

feat: ajout pipeline SBOM (Syft + Trivy + Dependency-Track)

Some checks failed

ci/woodpecker/push/woodpecker Pipeline failed

Details

3

.gitignore vendored

View File