From 45e6d49aa4ccc89ea8f3b7fe7046bf4d73514ca4 Mon Sep 17 00:00:00 2001 From: Lukasz Juranek Date: Sat, 31 Jan 2026 08:12:51 +0100 Subject: [PATCH] Add sbom targets (#2232) --- BUILD | 47 +++++++++++++++++++++++++++++++++++++++++++++++ MODULE.bazel | 10 ++++++++++ 2 files changed, 57 insertions(+) diff --git a/BUILD b/BUILD index 2d6570fe8e..6cbc498f3f 100644 --- a/BUILD +++ b/BUILD @@ -32,3 +32,50 @@ filegroup( srcs = ["README.md"], visibility = ["//visibility:public"], ) + +# ============================================================================ +# SBOM Generation Targets +# ============================================================================ +load("@score_tooling//sbom:defs.bzl", "sbom") + +# SBOM for orchestrator + persistency example +sbom( + name = "sbom_orch_per", + targets = ["//feature_showcase/rust:orch_per_example"], + module_lockfile = "@score_crates//:MODULE.bazel.lock", + component_name = "orch_per_example", + component_version = "0.5.0-beta", + auto_crates_cache = True, + auto_cdxgen = True, + sbom_authors = ["Eclipse SCORE Team"], + generation_context = "build", +) + +# SBOM for kyron example +sbom( + name = "sbom_kyron", + targets = ["//feature_showcase/rust:kyron_example"], + module_lockfile = "@score_crates//:MODULE.bazel.lock", + component_name = "kyron_example", + component_version = "0.5.0-beta", + auto_crates_cache = True, + auto_cdxgen = True, + sbom_authors = ["Eclipse SCORE Team"], + generation_context = "build", +) + +# Combined SBOM for all public targets +sbom( + name = "sbom_all", + targets = [ + "//feature_showcase/rust:orch_per_example", + "//feature_showcase/rust:kyron_example", + ], + module_lockfile = "@score_crates//:MODULE.bazel.lock", + component_name = "score_reference_integration", + component_version = "0.5.0-beta", + auto_crates_cache = True, + auto_cdxgen = True, + sbom_authors = ["Eclipse SCORE Team"], + generation_context = "build", +) diff --git a/MODULE.bazel b/MODULE.bazel index ec3c107dd4..4f5a86f85e 100644 --- a/MODULE.bazel +++ b/MODULE.bazel @@ -65,3 +65,13 @@ git_override( bazel_dep(name = "rules_rust", version = "0.67.0") bazel_dep(name = "score_itf", version = "0.1.0") bazel_dep(name = "score_crates", version = "0.0.6") + +# ============================================================================ +# SBOM Metadata Collection +# ============================================================================ +# Enable SBOM metadata collection from all modules in the dependency graph +sbom_ext = use_extension( + "@score_tooling//sbom:extensions.bzl", + "sbom_metadata", +) +use_repo(sbom_ext, "sbom_metadata")