Skip to content

docs: ADR-0005: SBOM document aliases/tags #105

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
idunbarh merged 3 commits into from
Aug 5, 2024
Merged

docs: ADR-0005: SBOM document aliases/tags #105

idunbarh merged 3 commits into from
Aug 5, 2024

Conversation

@jhoward-lm
Copy link
Contributor

@jhoward-lm jhoward-lm commented Jul 11, 2024
edited by idunbarh
Loading

5. SBOM document aliases/tags

Date: 2024-07-11

Status

Accepted

Context

A shorter form of referencing SBOM documents stored in bomctl's database is needed, while also
adding adding annotations/labels for adding key/value pair metadata.

Decision

Add support for user assignment of annotations/labels per stored SBOM document:

  • a list of labels (key/value pairs)
  • the alias key is reserved and will be used as a unique short hand label for the SBOM document

These options could also be consolidated into a unified concept such as labels.

Users should be able to perform this action either at fetch/import or as a standalone command/operation.

Consequences

Implementing alias key could be limiting due to their 1:1 association.

Using the label methodology may provide greater flexibility in association between documents for
actions like storing and retrieving a group of SBOMs in a tree structure.

@jhoward-lm
docs: add ADR for SBOM document aliases/tags
aac0178 
Signed-off-by: Jonathan Howard <jonathan.w.howard@lmco.com>
@jhoward-lm jhoward-lm added the documentation Improvements or additions to documentation label Jul 11, 2024
@jhoward-lm jhoward-lm self-assigned this Jul 11, 2024
@jhoward-lm jhoward-lm requested a review from a team as a code owner July 11, 2024 21:15
idunbarh
idunbarh approved these changes Jul 18, 2024
View reviewed changes
Copy link
Member

@idunbarh idunbarh left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think this would be a great addition to the bomctl architecture.

@mfrystacky
Copy link
Contributor

mfrystacky commented Jul 29, 2024

Having alias and a separate tags concept makes a lot of sense.

@idunbarh
chore: accepting ADR and including changes discussed during community…
e7068d5 
… meeting on 7/29/2024

Signed-off-by: Ian Dunbar-Hall <ian.dunbar-hall@lmco.com>
@idunbarh idunbarh mentioned this pull request Aug 2, 2024
Closed
@idunbarh idunbarh merged commit 71c22dd into main Aug 5, 2024
@idunbarh idunbarh deleted the adr/sbom-document-aliases-tags branch August 5, 2024 15:54
@idunbarh idunbarh added the adr Architecture Decision Records use to decide architecture or implementation details of `bomctl` label Aug 26, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@ashearin ashearin ashearin approved these changes

@idunbarh idunbarh idunbarh approved these changes

@eddiezane eddiezane Awaiting requested review from eddiezane

@houdini91 houdini91 Awaiting requested review from houdini91

@mfrystacky mfrystacky Awaiting requested review from mfrystacky

Assignees

@jhoward-lm jhoward-lm

Labels

adr Architecture Decision Records use to decide architecture or implementation details of `bomctl` documentation Improvements or additions to documentation

Projects

bomctl
Status: Done

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

5 participants

@jhoward-lm @mfrystacky @ashearin @idunbarh