@@ -166,6 +166,15 @@ It is bound to the `test` stage, and uses the following variables:
| `GO_SBOM_IMAGE` | Image of cyclonedx-gomod used for SBOM analysis | `registry.hub.docker.com/cyclonedx/cyclonedx-gomod:latest` |
| `GO_SBOM_OPTS` | [@cyclonedx/cyclonedx-gomod options](https://github.com/CycloneDX/cyclonedx-gomod#usage) used for SBOM analysis | `-main .` |
:warning: if you don't have your main class located at the root of your `GO_PROJECT_DIR`, then you will need to override the `-main` option in `GO_SBOM_OPTS` and define your real main class location.
Example:
```yaml
variables:
GO_SBOM_OPTS:"-maincmd/my_app"
```
### `go-govulncheck` job
This job enables Vulnerability Management with [Govulncheck](https://go.dev/blog/vuln).
