production-project
.release-workflow
.vuln-scan-workflow
.production-project
and add the CRA framework during the project creation.
sbom-quality
for the release-workflow
and vulnerability-management
for the vuln-scan-workflow
.release-contract
and vuln-scan-contract
, following the managing contracts instructions and including the following yaml content:release-workflow
to the release-contract
and the vuln-scan-workflow
to the vuln-scan-contract
.release-workflow
name and associate it with the production-project
and the release-contract
that you created in the previous step.vuln-scan-workflow
name and associate it with the production-project
and the vuln-scan-contract
that you created in the previous step.