fix: #23915 podman build is not parsing sbom command line arguments

aguidirh · aguidirh · commit deb13a1e35d5 · 2025-03-26T11:24:28.000+01:00
Signed-off-by: Alex Guidi &lt;aguidi@redhat.com&gt;
diff --git a/cmd/podman/common/build.go b/cmd/podman/common/build.go
@@ -6,6 +6,7 @@ import (
 	"io"
 	"os"
 	"path/filepath"
+	"slices"
 	"strings"
 	"syscall"
 	"time"
@@ -514,6 +515,24 @@ func buildFlagsWrapperToOptions(c *cobra.Command, contextDir string, flags *Buil
 		}
 	}
 
+	var sbomScanOptions []buildahDefine.SBOMScanOptions
+	if c.Flag("sbom").Changed || c.Flag("sbom-scanner-command").Changed || c.Flag("sbom-scanner-image").Changed || c.Flag("sbom-image-output").Changed || c.Flag("sbom-merge-strategy").Changed || c.Flag("sbom-output").Changed || c.Flag("sbom-image-output").Changed || c.Flag("sbom-purl-output").Changed || c.Flag("sbom-image-purl-output").Changed {
+		sbomScanOption, err := parse.SBOMScanOptions(c)
+		if err != nil {
+			return nil, err
+		}
+		if !slices.Contains(sbomScanOption.ContextDir, contextDir) {
+			sbomScanOption.ContextDir = append(sbomScanOption.ContextDir, contextDir)
+		}
+		for _, abc := range additionalBuildContext {
+			if !abc.IsURL && !abc.IsImage {
+				sbomScanOption.ContextDir = append(sbomScanOption.ContextDir, abc.Value)
+			}
+		}
+		sbomScanOption.PullPolicy = pullPolicy
+		sbomScanOptions = append(sbomScanOptions, *sbomScanOption)
+	}
+
 	opts := buildahDefine.BuildOptions{
 		AddCapabilities:         flags.CapAdd,
 		AdditionalTags:          tags,
@@ -570,6 +589,7 @@ func buildFlagsWrapperToOptions(c *cobra.Command, contextDir string, flags *Buil
 		Runtime:                 podmanConfig.RuntimePath,
 		RuntimeArgs:             runtimeFlags,
 		RusageLogFile:           flags.RusageLogFile,
+		SBOMScanOptions:         sbomScanOptions,
 		SignBy:                  flags.SignBy,
 		SignaturePolicyPath:     flags.SignaturePolicy,
 		Squash:                  flags.Squash,
diff --git a/test/e2e/build_test.go b/test/e2e/build_test.go
@@ -4,7 +4,9 @@ package integration
 
 import (
 	"bytes"
+	"errors"
 	"fmt"
+	"io/fs"
 	"os"
 	"os/exec"
 	"path/filepath"
@@ -972,4 +974,25 @@ RUN ls /dev/test1`, CITEST_IMAGE)
 		session.WaitWithDefaultTimeout()
 		Expect(session).Should(ExitWithError(1, `building at STEP "RUN --mount=type=cache,target=/test,z cat /test/world": while running runtime: exit status 1`))
 	})
+	It("podman build with sbom flags", func() {
+		podmanTest.AddImageToRWStore(ALPINE)
+
+		podmanTest.PodmanExitCleanly("build", "-t", "sbom-img", "--sbom-output=localsbom.txt", "--sbom-purl-output=localpurl.txt", "--sbom-image-output=/tmp/sbom.txt", "--sbom-image-purl-output=/tmp/purl.txt",
+			"--sbom-scanner-image=alpine", "--sbom-scanner-command=/bin/sh -c 'echo SCANNED ROOT {ROOTFS} > {OUTPUT}'", "--sbom-scanner-command=/bin/sh -c 'echo SCANNED BUILD CONTEXT {CONTEXT} > {OUTPUT}'",
+			"--sbom-merge-strategy=cat", "build/basicalpine")
+
+		defer os.Remove("./localsbom.txt")
+		if _, err := os.Stat("./localsbom.txt"); err != nil {
+			Expect(errors.Is(err, fs.ErrNotExist)).To(BeFalse())
+		}
+
+		defer os.Remove("./localpurl.txt")
+		if _, err := os.Stat("./localpurl.txt"); err != nil {
+			Expect(errors.Is(err, fs.ErrNotExist)).To(BeFalse())
+		}
+
+		session := podmanTest.PodmanExitCleanly("run", "--rm", "sbom-img", "ls", "/tmp")
+		Expect(session.OutputToString()).To(ContainSubstring("purl.txt"))
+		Expect(session.OutputToString()).To(ContainSubstring("sbom.txt"))
+	})
 })
