chore: enable sbom attestation for cpu image

Signed-off-by: Maryam Tahhan <[email protected]>
redhat-et · Feb 13, 2025 · f0b2a85 · f0b2a85
1 parent ee7dff7
commit f0b2a85
Showing 1 changed file with 4 additions and 4 deletions.
diff --git a/.github/workflows/cpu-image.yml b/.github/workflows/cpu-image.yml
@@ -96,10 +96,10 @@ jobs:
           artifact-name: sbom-${{ matrix.IMAGE_NAME }}-${{ matrix.LABEL }}.json
           output-file: ./sbom-${{ matrix.IMAGE_NAME }}-${{ matrix.LABEL }}.spdx.json
 
-      # - name: Generate SBOM attestation with Cosign with GitHub OIDC Token
-      #   if: ${{ github.event_name == 'push' || github.event_name == 'workflow_dispatch' }}
-      #   run: |
-      #     cosign attest --predicate ./sbom-${{ matrix.IMAGE_NAME }}-${{ matrix.LABEL }}.spdx.json quay.io/triton-dev-containers/${{ matrix.IMAGE_NAME }}:${{ matrix.LABEL }}@${{ steps.build-push-image.outputs.digest }}
+      - name: Generate SBOM attestation with Cosign with GitHub OIDC Token
+        if: ${{ github.event_name == 'push' || github.event_name == 'workflow_dispatch' }}
+        run: |
+          cosign attest --predicate ./sbom-${{ matrix.IMAGE_NAME }}-${{ matrix.LABEL }}.spdx.json --type spdxjson quay.io/triton-dev-containers/${{ matrix.IMAGE_NAME }}:${{ matrix.LABEL }}@${{ steps.build-push-image.outputs.digest }}
 
       - name: Compress SBOM
         run: gzip ./sbom-${{ matrix.IMAGE_NAME }}-${{ matrix.LABEL }}.spdx.json