From cd9648b2d4291a7d4100c5371725eeab41cd8980 Mon Sep 17 00:00:00 2001
From: Michael Chernicoff
Date: Fri, 9 Aug 2024 14:17:06 -0400
Subject: [PATCH] feat (docker): Create docker image SBOM on release
---
 .github/workflows/dockerhub.yml | 11 +++++++++++
 1 file changed, 11 insertions(+)
diff --git a/.github/workflows/dockerhub.yml b/.github/workflows/dockerhub.yml
index e33fd6d0..b20f82e6 100644
--- a/.github/workflows/dockerhub.yml
+++ b/.github/workflows/dockerhub.yml
@@ -63,3 +63,14 @@ jobs:
 username: ${{ secrets.DOCKER_USERNAME }}
 password: ${{ secrets.DOCKER_PASSWORD }}
 readme-filepath: ./dist/dockerhub/README.md
+
+ build-sbom:
+ needs: push
+ runs-on: ubuntu-latest
+ steps:
+ - name: Create docker image SBOM
+ uses: anchore/sbom-action@v0
+ with:
+ image: mitre/hipcheck:latest
+ format: spdx-json
+ artifact-name: hipcheck-docker-sbom.spdx
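Review bot: The new `build-sbom` job scans `image: mitre/hipcheck:latest`, a mutable tag pulled back from the registry, so the SBOM is not tied to the exact image the `push` job published and can describe a different image if the tag moves or the pull races another push. Scanning by digest would fix this, e.g. `image: mitre/hipcheck@${{ needs.push.outputs.digest }}`, assuming the `push` job (defined outside this hunk) is changed to export the pushed digest as an output. Separately, `uses: anchore/sbom-action@v0` follows a moving tag on a third-party action; pinning it as `uses: anchore/sbom-action@<full-commit-sha>  # v0` keeps an upstream retag from changing what runs in the release pipeline. No `permissions:` key is visible on this job; if the workflow has no top-level one, adding a minimal `permissions:` block limits what the job's token can do. Minor: with `format: spdx-json` the artifact would be easier for consumers to recognise as `hipcheck-docker-sbom.spdx.json`.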