Make SBOM optional

Alex-Welsh · Alex-Welsh · commit eae0ddcaa10c · 2025-06-09T16:20:48.000+01:00
diff --git a/.github/workflows/stackhpc-container-image-build.yml b/.github/workflows/stackhpc-container-image-build.yml
@@ -38,6 +38,11 @@ on:
         type: boolean
         required: false
         default: true
+      sbom:
+        description: Generate SBOM? (Slow)
+        type: boolean
+        required: false
+        default: false
       push-dirty:
         description: Push scanned images that have critical vulnerabilities?
         type: boolean
@@ -252,7 +257,7 @@ jobs:
         run: if [ $(wc -l < ${{ matrix.distro.name }}-${{ matrix.distro.release }}-container-images) -le 1 ]; then exit 1; fi
 
       - name: Scan built container images
-        run: src/kayobe-config/tools/scan-images.sh ${{ matrix.distro.name }}-${{ matrix.distro.release }} ${{ steps.write-kolla-tag.outputs.kolla-tag }}
+        run: src/kayobe-config/tools/scan-images.sh ${{ matrix.distro.name }}-${{ matrix.distro.release }} ${{ steps.write-kolla-tag.outputs.kolla-tag }} ${{ inputs.sbom && '--sbom'}}
 
       - name: Move image scan logs to output artifact
         run: mv image-scan-output image-build-logs/image-scan-output
