Skip to content

Commit

Permalink
Update docker-build.yml
Browse files Browse the repository at this point in the history 
Signed-off-by: Marcin Kozlowski <[email protected]>
  • Loading branch information
@marcinguy
marcinguy authored Dec 29, 2024
1 parent 200eabf commit 94c6dcb
Showing 1 changed file with 0 additions and 21 deletions.
21 changes: 0 additions & 21 deletions .github/workflows/docker-build.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -67,24 +67,3 @@ jobs:
DOCKER_HUB_USERNAME: ${{ secrets.DOCKERHUB_USERNAME }}
DOCKER_HUB_PASSWORD: ${{ secrets.DOCKERHUB_TOKEN }}


# Install Grype
- name: Install Grype
run: |
curl -sSfL https://raw.githubusercontent.com/anchore/grype/main/install.sh | sh -s -- -b /usr/local/bin
# Generate SBOM with Grype
- name: Generate SBOM with Grype
run: |
grype ${{ env.IMAGE_NAME }}:${{ github.sha }} -o spdx-json > sbom.spdx.json
- name: Generate SBOM attestation
uses: actions/[email protected]
with:
subject-name: docker.io/${{ secrets.DOCKERHUB_USERNAME }}/betterscan-${{ matrix.component }}
subject-digest: ${{ steps.build-push.outputs.digest }}
sbom-path: 'sbom.spdx.json'
push-to-registry: true
env:
DOCKER_HUB_USERNAME: ${{ secrets.DOCKERHUB_USERNAME }}
DOCKER_HUB_PASSWORD: ${{ secrets.DOCKERHUB_TOKEN }}

0 comments on commit 94c6dcb

Please sign in to comment.