-
Notifications
You must be signed in to change notification settings - Fork 0
/
action.yml
39 lines (28 loc) · 920 Bytes
/
action.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
name: 'Generate sBOM'
description: 'Generate and upload an sBOM of the service'
inputs:
dir-path:
description: 'The root directory containing the build or lock files.'
default: ./
sbom-format:
description: 'Format of the generated sBOM (cyclonedx-json, spdx-json)'
default: 'cyclonedx-json'
runs:
using: 'composite'
steps:
- uses: actions/checkout@v3
- uses: actions/setup-java@v3
with:
distribution: zulu
java-version: 17
- name: Set up cdxgen
shell: bash
run: npm install -g @cyclonedx/cdxgen@8
- name: generate sBOM
id: generate-sbom
shell: bash
run: cdxgen ${{ inputs.dir-path }} -o ${{ github.event.repository.name }}-${{ github.sha }}.json
- uses: actions/upload-artifact@v3
with:
name: cyclonedx-sbom
path: ${{ github.event.repository.name }}-${{ github.sha }}.json