Communicate Feature - Convert SBOM to security compliant formats .spdx or .cyclone.dx #1387

Closed
2 of 5 tasks
Madeline-UX opened this issue Feb 27, 2023 · 1 comment · Fixed by #1394
Labels
documentation 📘 Improvements or additions to documentation

Comments

Madeline-UX commented Feb 27, 2023

Current State

I spoke with someone who works in defense cyber security about SBOM. They were very eager and concerned about the format type for SBOM to meet compliance. The conversation could not proceed much past them knowing what formats Zarf supported for SBOM - indicating that it is important to potential users to know upfront if SBOM supports file formats that are compliant with government controls.

As a potential Zarf user, I would like to easily be able to find information on what SBOM file formats Zarf supports. This is important because my contract requires me to have an SBOM in a compliant format (.spdx or .cyclone.dx) to deliver my software to a controlled system.

Describe the solution you'd like

  • 1. Create SBOM Docs page under user guide (currently just CLI commands and SBOM UI pages)
  • 2. Add button to convert SBOM file type in UI
  • 3. Add reference to SBOM file type compliance to website home page (why use zarf section)
  • 4. Add as a feature to the feature list on the docs overview
  • 5. Add as a feature to feature list in github read.me

Additional context

Add any other context or screenshots about the feature request here.

@Madeline-UX Madeline-UX added the documentation 📘 Improvements or additions to documentation label Feb 27, 2023
@github-project-automation github-project-automation bot moved this to New Requests in Zarf Project Board Feb 27, 2023
@github-project-automation github-project-automation bot moved this to New Requests in Zarf.dev Feb 27, 2023
@Madeline-UX Madeline-UX moved this from New Requests to Needs UX in Zarf Project Board Feb 27, 2023
@Madeline-UX Madeline-UX moved this from New Requests to Needs Design in Zarf.dev Feb 27, 2023
@Madeline-UX Madeline-UX added this to the v0.25.x milestone Feb 27, 2023
Racer159 added a commit that referenced this issue Mar 2, 2023
## Description

- [x] - Made list formatting consistent with Docs Style Guide
- [x] - Added new feature to feature list ( Convert SBOM JSON file into
other formats (.xpdx or .cyclone.dx) to meet government compliance.)

## Related Issue

Fixes #1387 

## Type of change

- [ ] Bug fix (non-breaking change which fixes an issue)
- [ ] New feature (non-breaking change which adds functionality)
- [x] Other (security config, docs update, etc)

---------

Co-authored-by: Wayne Starr <Racer159@users.noreply.github.com>
@github-project-automation github-project-automation bot moved this from Needs Design to Done in Zarf.dev Mar 2, 2023
@github-project-automation github-project-automation bot moved this from Needs UX to Done in Zarf Project Board Mar 2, 2023
@Madeline-UX Madeline-UX reopened this Mar 2, 2023
@github-project-automation github-project-automation bot moved this from Done to In Progress in Zarf.dev Mar 2, 2023
Noxsios pushed a commit that referenced this issue Mar 8, 2023
Noxsios pushed a commit that referenced this issue Mar 8, 2023
Signed-off-by: razzle <harry@razzle.cloud>
Racer159 added a commit that referenced this issue Mar 8, 2023
Signed-off-by: Wayne Starr <me@racer159.com>
@Racer159 Racer159 changed the title Communicate Feature - Convert SBOM to security compliant formats .xpdx or .cyclone.dx Communicate Feature - Convert SBOM to security compliant formats .spdx or .cyclone.dx Mar 19, 2023
@Racer159 Racer159 modified the milestones: v0.25.x, v0.26.x Mar 19, 2023
@Racer159 Racer159 removed this from the v0.27 (m1-5.16) milestone May 16, 2023
Noxsios commented Mar 9, 2024

Completed in #1688
