Skip to content

Update sbom.yml

Update sbom.yml #2

Workflow file for this run

name: Generate SBOM
on:
push:
branches:
- main
pull_request:
jobs:
generate-sbom:
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v3
- name: Set up Syft
run: |
curl -sSfL https://raw.githubusercontent.com/anchore/syft/main/install.sh | sh
- name: Generate CycloneDX SBOM
run: |
./bin/syft . -o cyclonedx-json > sbom.json
- name: Upload SBOM to Dependency-Track
run: |
curl -X "POST" "http://34.46.105.78:8080/api/v1/bom" \
-H "X-Api-Key: odt_LCjFjndcfjTpWEKr2oSc3KKsbgVHO3VC" \
-H "Content-Type: multipart/form-data" \
-F "project=d2f9cf45-e514-4039-a666-4ae157245879" \
-F "bom=@sbom.json"
- name: Upload SBOM artifact
uses: actions/upload-artifact@v3
with:
name: sbom
path: sbom.json