Skip to content

Feature: Add conan detector that parses conan.lock files of conan package manager version 1.x #1257

Feature: Add conan detector that parses conan.lock files of conan package manager version 1.x

Feature: Add conan detector that parses conan.lock files of conan package manager version 1.x #1257

Workflow file for this run

name: Verify snapshot of test scan
env:
CD_DETECTOR_EXPERIMENTS: 1
on: [pull_request]
permissions:
contents: read
jobs:
verify:
runs-on: ${{ matrix.os }}
strategy:
fail-fast: false
matrix:
os: [ubuntu-latest, windows-latest, macos-latest]
steps:
- uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3
- name: Make release snapshot output directory
run: mkdir ${{ github.workspace }}/release-output
- name: Get latest release snapshot download url
id: download-latest-release-snapshot
uses: actions/github-script@d7906e4ad0b1822421a7e6a35d5ca353c962f410 # v6
with:
result-encoding: string
script: |
const res = await github.paginate(
github.rest.actions.listArtifactsForRepo.endpoint.merge({
owner: 'microsoft',
repo: 'component-detection',
})
);
return res
.filter(
(artifact) => artifact.name === 'release-snapshot-output-${{ matrix.os }}'
)
.sort((a, b) => new Date(b.updated_at) - new Date(a.updated_at))[0]
.archive_download_url;
- name: Download latest release snapshot
working-directory: ${{ github.workspace }}/release-output
run: |
curl -v -L -u octocat:${{ secrets.GITHUB_TOKEN }} -o output.zip "${{ steps.download-latest-release-snapshot.outputs.result }}"
unzip output.zip
rm output.zip
- name: Setup .NET Core
uses: actions/setup-dotnet@3447fd6a9f9e57506b15f895c5b76d3b197dc7c2 # v3
- name: Setup NuGet cache
uses: actions/cache@88522ab9f39a2ea568f7027eddc7d8d8bc9d59c8 # v3
with:
path: ~/.nuget/packages
key: ${{ runner.os }}-nuget-${{ hashFiles('**/*.csproj', '**/*.props') }}
restore-keys: ${{ runner.os }}-nuget-
- run: dotnet restore
- name: Install Apache Ivy
if: ${{ matrix.os == 'ubuntu-latest' }}
run: curl https://downloads.apache.org/ant/ivy/2.5.1/apache-ivy-2.5.1-bin.tar.gz | tar xOz apache-ivy-2.5.1/ivy-2.5.1.jar > /usr/share/ant/lib/ivy.jar
- name: Install Apache Ivy
if: ${{ matrix.os == 'windows-latest' }}
shell: bash
run: curl https://downloads.apache.org/ant/ivy/2.5.1/apache-ivy-2.5.1-bin.tar.gz | tar xOz apache-ivy-2.5.1/ivy-2.5.1.jar > "$ANT_HOME/lib/ivy.jar"
- name: Install Apache Ivy
if: ${{ matrix.os == 'macos-latest' }}
run: brew install ivy
- name: Make output directory
run: mkdir ${{ github.workspace }}/output
- name: LinuxDetection warning
if: >-
${{
matrix.os == 'macos-latest' ||
matrix.os == 'windows-latest'
}}
run: echo "Linux detection is not supported on ${{ matrix.os }}. Please rely on ubuntu run for LinuxDetection."
- name: Scan verification repo
working-directory: src/Microsoft.ComponentDetection
run:
dotnet run scan --Verbosity Verbose --SourceDirectory ${{ github.workspace }}/test/Microsoft.ComponentDetection.VerificationTests/resources --Output ${{ github.workspace }}/output
--DockerImagesToScan "docker.io/library/debian@sha256:9b0e3056b8cd8630271825665a0613cc27829d6a24906dc0122b3b4834312f7d,mcr.microsoft.com/cbl-mariner/base/core@sha256:c1bc83a3d385eccbb2f7f7da43a726c697e22a996f693a407c35ac7b4387cd59,docker.io/library/alpine@sha256:1304f174557314a7ed9eddb4eab12fed12cb0cd9809e4c28f29af86979a3c870"
--DetectorArgs DockerReference=EnableIfDefaultOff,SPDX22SBOM=EnableIfDefaultOff
- name: Run Verification Tests
working-directory: test/Microsoft.ComponentDetection.VerificationTests
run: dotnet test
env:
GITHUB_OLD_ARTIFACTS_DIR: ${{ github.workspace }}/release-output
GITHUB_NEW_ARTIFACTS_DIR: ${{ github.workspace }}/output
ALLOWED_TIME_DRIFT_RATIO: ".75"
- name: Upload logs
uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # v3.1.2
if: ${{ !cancelled() }}
with:
name: verify-snapshot-output-${{ matrix.os }}
path: ${{ github.workspace }}/output