Add support for BASHBREW_BUILDKIT_SBOM_GENERATOR and provenance by tianon · Pull Request #69 · docker-library/bashbrew (original) (raw)

Since Docker's image store can't represent these, we round trip them through our self-managed (or external) containerd image store, which also makes pushing more efficient.

This very notably also requires setting BUILDX_BUILDER to point to an SBOM/provenance-supporting buildx builder, which is not great but I think is fine for now (we'll manage the lifecycle of that in our Jenkins infra somehow).

(Unrelated changes are gofmt updates we've missed previously 🙈 😇)