HomeLab/ForgeBucket
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 1 Wiki Activity

added signed artifacts and SBOM generation capabilities

Browse Source
This commit is contained in:
erangel1
2026-05-12 21:31:43 +02:00
parent ab94775162
commit 822f723ff1
16 changed files with 1615 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files
internal/models/sbom.go
+17
View File
@@ -0,0 +1,17 @@
package models
import "time"
// SBOMReport stores the generated CycloneDX BOM for a repo at a specific SHA.
// BOMDocument holds the full JSON but is not returned by list endpoints —
// use the dedicated document endpoint to stream it.
type SBOMReport struct {
ID int64 `xorm:"'id' pk autoincr" json:"id"`
RepoID int64 `xorm:"'repo_id' notnull index" json:"repoId"`
RunID int64 `xorm:"'run_id' index" json:"runId"` // 0 = on-demand
SHA string `xorm:"'sha' varchar(40)" json:"sha"`
Format string `xorm:"'format' varchar(30)" json:"format"` // "cyclonedx-json-1.4"
ComponentCount int `xorm:"'component_count'" json:"componentCount"`
BOMDocument string `xorm:"'bom_document' text" json:"-"` // full JSON, not returned in lists
GeneratedAt time.Time `xorm:"'generated_at'" json:"generatedAt"`
}