Skip to content

Commit

Permalink
Add job for SBOM upload (#276)
Browse files Browse the repository at this point in the history
Co-authored-by: Pavol Ipoth <[email protected]>
  • Loading branch information
p53 and Pavol Ipoth authored Apr 12, 2023
1 parent 323f480 commit ec9a5d8
Showing 1 changed file with 22 additions and 1 deletion.
23 changes: 22 additions & 1 deletion .github/workflows/release.yml
Original file line number Diff line number Diff line change
Expand Up @@ -6,14 +6,35 @@ on:
types: [published]

jobs:
SBOM-upload:
runs-on: ubuntu-latest
permissions:
id-token: write
contents: write
steps:
- uses: actions/checkout@v3
- name: Generate SBOM
# generation command documentation: https://github.com/microsoft/sbom-tool#sbom-generation
run: |
curl -Lo $RUNNER_TEMP/sbom-tool https://github.com/microsoft/sbom-tool/releases/latest/download/sbom-tool-linux-x64
chmod +x $RUNNER_TEMP/sbom-tool
$RUNNER_TEMP/sbom-tool generate -b . -bc . -pn $ -pv 1.0.0 -ps "Pavol Ipoth" -nsb https://github.com/gogatekeeper -V Verbose
- uses: actions/upload-artifact@v3
with:
name: sbom
path: _manifest/spdx_2.2
- name: SBOM upload
uses: advanced-security/[email protected]
with:
filePath: "_manifest/spdx_2.2/"
goreleaser:
runs-on: ubuntu-latest
steps:
# Setup the workflow to use the specific version of Go
- name: Set up Go
uses: actions/setup-go@v2
with:
go-version: '1.18.6'
go-version: "1.18.6"
# Checkout the repository
- name: Checkout
uses: actions/checkout@v2
Expand Down

0 comments on commit ec9a5d8

Please sign in to comment.