Skip to content

[FIX] Push sbom into master after merging via ssh#4636

Merged
jesmrec merged 3 commits into
masterfrom
fix/sbom_merged_into_master
Jul 11, 2025
Merged

[FIX] Push sbom into master after merging via ssh#4636
jesmrec merged 3 commits into
masterfrom
fix/sbom_merged_into_master

Conversation

@jesmrec
Copy link
Copy Markdown
Contributor

@jesmrec jesmrec commented Jul 8, 2025
edited
Loading

Previous version tried to push the sbom.json file generated by CI to the master branch, but the branch protection rules prevented to perform such action. Current PR would fix that.

Included:

  • SSH is used to perform the commit. To push the commit, an SSH public key and private key must be configured in the repository settings.

  • The current version of the SBOM is normalized and compared with the previous one. A commit is only made if differences are found.

  • If a commit is made, it will trigger another job, which will be skipped due to a condition defined in the job configuration.

@DeepDiver1975 you added a DEPLOYMENT_SSH_KEY in Deploy Keys of Settings. That's the public key, it would be required to add the private key as repo secret as well. Other option: I created a pair of keys for testing and i could re-use them as keys by replacing yours.

I think this solution will work, but, we'll not know until the PR is merged (SBOM commit is created).

An alternative considered was pushing the sbom.json file to each development branch, but it was ultimately discarded due to lower overall performance.

Related Issues

App:

  • Add changelog files for the fixed issues in folder changelog/unreleased. More info here
  • Add feature to Release Notes in ReleaseNotesViewModel.kt creating a new ReleaseNote() with String resources (if required)

QA

@jesmrec jesmrec self-assigned this Jul 8, 2025
@jesmrec jesmrec requested review from DeepDiver1975 and joragua July 9, 2025 07:42
@jesmrec jesmrec marked this pull request as ready for review July 9, 2025 07:42
joragua
joragua requested changes Jul 9, 2025
View reviewed changes
Copy link
Copy Markdown
Contributor

@joragua joragua left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Some comments here @jesmrec! 🙌🏻

Comment thread .github/workflows/sbom.yml
Comment thread .github/workflows/sbom.yml Outdated
Comment thread .github/workflows/sbom.yml
@jesmrec jesmrec requested a review from joragua July 9, 2025 15:28
joragua
joragua approved these changes Jul 9, 2025
View reviewed changes
Copy link
Copy Markdown
Contributor

@joragua joragua left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Approved on my side! 👍🏻

@jesmrec jesmrec force-pushed the fix/sbom_merged_into_master branch from 039ca77 to a93bee4 Compare July 11, 2025 10:22
@jesmrec jesmrec merged commit 58f0bba into master Jul 11, 2025
9 checks passed
@jesmrec jesmrec deleted the fix/sbom_merged_into_master branch July 11, 2025 10:42
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@joragua joragua joragua approved these changes

@DeepDiver1975 DeepDiver1975 Awaiting requested review from DeepDiver1975

Assignees

@jesmrec jesmrec

Labels

Estimation - 2 (S) GitHub Actions

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@jesmrec @joragua