772 B
772 B
StellaOps.Scanner.Sbomer.BuildXPlugin — Agent Charter
Mission
Implement the build-time SBOM generator described in docs/ARCHITECTURE_SCANNER.md and new buildx dossier requirements:
- Provide a deterministic BuildKit/Buildx generator that produces layer SBOM fragments and uploads them to local CAS.
- Emit OCI annotations (+provenance) compatible with Scanner.Emit and Attestor hand-offs.
- Respect restart-time plug-in policy (
plugins/scanner/buildx/manifests) and keep CI overhead ≤300 ms per layer.
Expectations
- Read architecture + upcoming Buildx addendum before coding.
- Ensure graceful fallback to post-build scan when generator unavailable.
- Provide integration tests with mock BuildKit, and update
TASKS.mdas states change.