From e3364eb3778c04ec59d51fd5950bd9ae9e7caeb2 Mon Sep 17 00:00:00 2001
From: Cody Soyland <codysoyland@github.com>
Date: Mon, 3 Jun 2024 16:09:14 -0400
Subject: [PATCH] Remove ko sbom generation

Getting unauthorized error when trying to upload sbom to ghcr. Removing sbom for now to get working build.

Signed-off-by: Cody Soyland <codysoyland@github.com>
---
 .github/workflows/release.yaml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml
index 8fbe34a6..e47fb775 100644
--- a/.github/workflows/release.yaml
+++ b/.github/workflows/release.yaml
@@ -36,7 +36,7 @@ jobs:
           mkdir -p ${{ env.KOCACHE }}
           # ko build should print ghcr.io/github/policy-controller-webhook@sha256:<digest>
           # to standard out. Capture the image digest for the build provenance step
-          IMAGE_DIGEST=$(ko build --bare --tags $GIT_VERSION --tags $GIT_HASH --platform=linux/amd64 github.com/sigstore/policy-controller/cmd/webhook | cut -d'@' -f2)
+          IMAGE_DIGEST=$(ko build --bare --tags $GIT_VERSION --tags $GIT_HASH --platform=linux/amd64 --sbom=none github.com/sigstore/policy-controller/cmd/webhook | cut -d'@' -f2)
           echo "image_digest=$IMAGE_DIGEST" >> $GITHUB_OUTPUT
       - name: Attest
         uses: actions/attest-build-provenance@951c0c5f8e375ad4efad33405ab77f7ded2358e4 # v1.1.1