Configure to auto generate SBOM or not on project configuration page. (#20059)

Signed-off-by: xuelichao <xuel@vmware.com>
Co-authored-by: Wang Yan <wangyan@vmware.com>

src/portal/src/app/base/project/project-config/project-policy-config/project-policy-config.component.html

@@ -121,6 +121,23 @@
                 {{ 'PROJECT_CONFIG.AUTOSCAN_POLICY' | translate }}
             </clr-control-helper>
         </clr-checkbox-container>
+        <clr-checkbox-container>
+            <label>{{ 'PROJECT_CONFIG.SBOM' | translate }}</label>
+            <clr-checkbox-wrapper id="generate-sbom-on-push-wrapper">
+                <input
+                    type="checkbox"
+                    clrCheckbox
+                    [(ngModel)]="projectPolicy.GenerateSbomOnPush"
+                    [disabled]="!hasChangeConfigRole"
+                    name="generate-sbom-on-push" />
+                <label>{{
+                    'PROJECT_CONFIG.AUTOSBOM_TOGGLE' | translate
+                }}</label>
+            </clr-checkbox-wrapper>
+            <clr-control-helper class="config-subtext">
+                {{ 'PROJECT_CONFIG.AUTOSBOM_POLICY' | translate }}
+            </clr-control-helper>
+        </clr-checkbox-container>
         <div
             *ngIf="systemInfo"
             class="clr-form-control"

src/portal/src/app/base/project/project-config/project-policy-config/project-policy-config.component.spec.ts

@@ -65,6 +65,7 @@ const mockProjectPolicies: Project[] | any[] = [
         repo_count: 0,
         metadata: {
             auto_scan: 'true',
+            auto_sbom_generation: 'true',
             enable_content_trust: 'true',
             prevent_vul: 'true',
             public: 'true',
@@ -140,6 +141,10 @@ describe('ProjectPolicyConfigComponent', () => {
         expect(
             component.projectPolicyConfigComponent.projectPolicy.ScanImgOnPush
         ).toBeTruthy();
+        expect(
+            component.projectPolicyConfigComponent.projectPolicy
+                .GenerateSbomOnPush
+        ).toBeTruthy();
     });
     it('should get hasChangeConfigRole', () => {
         expect(

src/portal/src/app/base/project/project-config/project-policy-config/project-policy-config.component.ts

@@ -32,6 +32,7 @@ export class ProjectPolicy {
     PreventVulImg: boolean;
     PreventVulImgSeverity: string;
     ScanImgOnPush: boolean;
+    GenerateSbomOnPush: boolean;
 
     constructor() {
         this.Public = false;
@@ -40,6 +41,7 @@ export class ProjectPolicy {
         this.PreventVulImg = false;
         this.PreventVulImgSeverity = LOW;
         this.ScanImgOnPush = false;
+        this.GenerateSbomOnPush = false;
     }
 
     initByProject(pro: Project) {
@@ -52,6 +54,7 @@ export class ProjectPolicy {
             this.PreventVulImgSeverity = pro.metadata.severity;
         }
         this.ScanImgOnPush = pro.metadata.auto_scan === 'true';
+        this.GenerateSbomOnPush = pro.metadata.auto_sbom_generation === 'true';
     }
 }
 

src/portal/src/app/base/project/project-config/project-policy-config/project.ts

@@ -19,6 +19,7 @@ export class Project {
         prevent_vul: string | boolean;
         severity: string;
         auto_scan: string | boolean;
+        auto_sbom_generation: string | boolean;
         reuse_sys_cve_allowlist?: string;
     };
     cve_allowlist?: object;
@@ -28,5 +29,6 @@ export class Project {
         this.metadata.prevent_vul = false;
         this.metadata.severity = 'low';
         this.metadata.auto_scan = false;
+        this.metadata.auto_sbom_generation = false;
     }
 }

src/portal/src/app/base/project/project.ts

@@ -33,6 +33,7 @@ export class Project {
         prevent_vul: string | boolean;
         severity: string;
         auto_scan: string | boolean;
+        auto_sbom_generation: string | boolean;
         retention_id: number;
     };
     constructor() {

src/portal/src/app/shared/services/project.service.ts

@@ -158,6 +158,9 @@ export class ProjectDefaultService extends ProjectService {
                         auto_scan: projectPolicy.ScanImgOnPush
                             ? 'true'
                             : 'false',
+                        auto_sbom_generation: projectPolicy.GenerateSbomOnPush
+                            ? 'true'
+                            : 'false',
                         reuse_sys_cve_allowlist: reuseSysCVEVAllowlist,
                     },
                     cve_allowlist: projectAllowlist,

src/portal/src/i18n/lang/de-de-lang.json

@@ -286,7 +286,10 @@
         "PREVENT_VULNERABLE_2": "und darüber.",
         "SCAN": "Scannen auf Schwachstellen",
         "AUTOSCAN_TOGGLE": "Images automatisch beim Hochladen scannen",
-        "AUTOSCAN_POLICY": "Scanne Images automatisch, wenn sie in das Projekt hochgeladen werden."
+        "AUTOSCAN_POLICY": "Scanne Images automatisch, wenn sie in das Projekt hochgeladen werden.",
+        "SBOM": "SBOM generation",
+        "AUTOSBOM_TOGGLE": "Automatically generate SBOM on push",
+        "AUTOSBOM_POLICY": "Automatically generate SBOM when the images are pushed to the project registry."
     },
     "MEMBER": {
         "NEW_USER": "Nutzer als Mitglied hinzufügen",

src/portal/src/i18n/lang/en-us-lang.json

@@ -286,7 +286,10 @@
         "PREVENT_VULNERABLE_2": "and above from being deployed.",
         "SCAN": "Vulnerability scanning",
         "AUTOSCAN_TOGGLE": "Automatically scan images on push",
-        "AUTOSCAN_POLICY": "Automatically scan images when they are pushed to the project registry."
+        "AUTOSCAN_POLICY": "Automatically scan images when they are pushed to the project registry.",
+        "SBOM": "SBOM generation",
+        "AUTOSBOM_TOGGLE": "Automatically generate SBOM on push",
+        "AUTOSBOM_POLICY": "Automatically generate SBOM when the images are pushed to the project registry."
     },
     "MEMBER": {
         "NEW_USER": "Add User Member",

src/portal/src/i18n/lang/es-es-lang.json

@@ -287,7 +287,10 @@
         "PREVENT_VULNERABLE_2": "y más arriba de ser desplegado.",
         "SCAN": "Escaneo de vulnerabilidad",
         "AUTOSCAN_TOGGLE": "Escanee automáticamente las imágenes al instante",
-        "AUTOSCAN_POLICY": "Escanee automáticamente las imágenes cuando son enviadas al registro del proyecto."
+        "AUTOSCAN_POLICY": "Escanee automáticamente las imágenes cuando son enviadas al registro del proyecto.",
+        "SBOM": "SBOM generation",
+        "AUTOSBOM_TOGGLE": "Automatically generate SBOM on push",
+        "AUTOSBOM_POLICY": "Automatically generate SBOM when the images are pushed to the project registry."
     },
     "MEMBER": {
         "NEW_USER": "Add User Member",

src/portal/src/i18n/lang/fr-fr-lang.json

@@ -286,7 +286,10 @@
         "PREVENT_VULNERABLE_2": "et au-dessus d'être déployées.",
         "SCAN": "Analyse des vulnérabilités",
         "AUTOSCAN_TOGGLE": "Analyse automatique des images lors de l'envoi",
-        "AUTOSCAN_POLICY": "Analyser automatiquement les images lorsqu'elles sont envoyées au projet du registre."
+        "AUTOSCAN_POLICY": "Analyser automatiquement les images lorsqu'elles sont envoyées au projet du registre.",
+        "SBOM": "SBOM generation",
+        "AUTOSBOM_TOGGLE": "Automatically generate SBOM on push",
+        "AUTOSBOM_POLICY": "Automatically generate SBOM when the images are pushed to the project registry."
     },
     "MEMBER": {
         "NEW_USER": "Ajouter un nouveau membre",

src/portal/src/i18n/lang/pt-br-lang.json

@@ -284,7 +284,10 @@
         "PREVENT_VULNERABLE_2": "e acima de serem utilizadas.",
         "SCAN": "Análise de vulnerabilidades",
         "AUTOSCAN_TOGGLE": "Verificar imagens automaticamente",
-        "AUTOSCAN_POLICY": "Imagens serão analisadas automaticamente quando enviadas ao repositório do projeto."
+        "AUTOSCAN_POLICY": "Imagens serão analisadas automaticamente quando enviadas ao repositório do projeto.",
+        "SBOM": "SBOM generation",
+        "AUTOSBOM_TOGGLE": "Automatically generate SBOM on push",
+        "AUTOSBOM_POLICY": "Automatically generate SBOM when the images are pushed to the project registry."
     },
     "MEMBER": {
         "NEW_USER": "Adicionar um usuário",

src/portal/src/i18n/lang/tr-tr-lang.json

@@ -286,7 +286,10 @@
         "PREVENT_VULNERABLE_2": "ve yukarıda yüklenilmekte.",
         "SCAN": "Güvenlik açığı taraması",
         "AUTOSCAN_TOGGLE": "İmajları yüklerken anında tarayın",
-        "AUTOSCAN_POLICY": "İmajlar proje kayıt defterine yüklenildiğinde otomatik olarak tarayın."
+        "AUTOSCAN_POLICY": "İmajlar proje kayıt defterine yüklenildiğinde otomatik olarak tarayın.",
+        "SBOM": "SBOM generation",
+        "AUTOSBOM_TOGGLE": "Automatically generate SBOM on push",
+        "AUTOSBOM_POLICY": "Automatically generate SBOM when the images are pushed to the project registry."
     },
     "MEMBER": {
         "NEW_USER": "Kullanıcı Üyesi Ekle",

src/portal/src/i18n/lang/zh-cn-lang.json

@@ -285,7 +285,10 @@
         "PREVENT_VULNERABLE_2": "以上的镜像运行。",
         "SCAN": "漏洞扫描",
         "AUTOSCAN_TOGGLE": "自动扫描镜像",
-        "AUTOSCAN_POLICY": "当镜像上传后，自动进行扫描"
+        "AUTOSCAN_POLICY": "当镜像上传后，自动进行扫描",
+        "SBOM": "SBOM generation",
+        "AUTOSBOM_TOGGLE": "Automatically generate SBOM on push",
+        "AUTOSBOM_POLICY": "Automatically generate SBOM when the images are pushed to the project registry."
     },
     "MEMBER": {
         "NEW_USER": "添加用户成员",

src/portal/src/i18n/lang/zh-tw-lang.json

@@ -285,7 +285,10 @@
     "PREVENT_VULNERABLE_2": "或更高危險級別的映像檔部署。",
     "SCAN": "弱點掃描",
     "AUTOSCAN_TOGGLE": "推送時自動掃描映像檔",
-    "AUTOSCAN_POLICY": "當映像檔推送到專案儲存庫時自動掃描。"
+    "AUTOSCAN_POLICY": "當映像檔推送到專案儲存庫時自動掃描。",
+    "SBOM": "SBOM generation",
+    "AUTOSBOM_TOGGLE": "Automatically generate SBOM on push",
+    "AUTOSBOM_POLICY": "Automatically generate SBOM when the images are pushed to the project registry."
   },
   "MEMBER": {
     "NEW_USER": "新增使用者成員",