Add worker for ingesting SBoM reports (!92277) · Merge requests · GitLab.org / GitLab

Brian Williams requested to merge bwill/sbom-processing into master Jul 12, 2022

What does this MR do and why?

Describe in detail what your merge request does and why.

Epic: &8024 (closed)
Issue: #365661 (closed)

Add the initial background processing to support the ingestion of CycloneDX Software Bill of Materials (SBoM) reports. Create a worker which runs after the completion of each EE CI pipeline and checks if it has SBoM artifacts. If it does, pass those artifacts to the IngestReportsService for processing.

IngestReportsService will be implemented later via #364709 (closed). A feature flag is used to allow for iterative development.

This MR is dependent on !91510 (merged).

MR acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.

I have evaluated the MR acceptance checklist for this MR.

Edited Jul 13, 2022 by Brian Williams

Add worker for ingesting SBoM reports

What does this MR do and why?

MR acceptance checklist

Merge request reports