@@ -34,16 +34,41 @@ jobs:
3434 # Build Image
3535 docker build -f ./Dockerfile -t $DOCKER_TAG .
3636
37- name : Login to AWS ECR
37+ name : Make script executable
38+ run : chmod +x ./scripts/sbom-generator.sh
39+
40+ - name : Run the shell script
41+ run : ./scripts/sbom-generator.sh
42+
43+ - name : Collect Artifacts
3844 run : |
39- DOCKER_REGISTRY="https://${{ secrets.AWS_ACCOUNT_ID }}.dkr.ecr.${{ secrets.AWS_REGION }}.amazonaws.com"
40- aws ecr get-login-password --region ${{ secrets.AWS_REGION }} | docker login --username AWS --password-stdin $DOCKER_REGISTRY
45+ mkdir -p artifacts
46+ pwd
47+ ls
48+
49+ cp -r ./sbom-spdx.json ./artifacts
4150
42- name : Publish image to ECR
43- run : docker push $DOCKER_TAG
51+ - name : Upload SBOM Artifacts
52+ uses : actions/upload-artifact@v4
53+ with :
54+ name : SBOM Report
55+ path : ./artifacts/**
56+ compression-level : 9
4457
45- - name : Logout of AWS ECR (Clean up Credentials)
58+ - name : Temporary Artifacts Cleanup
4659 if : always()
47- run : |
48- DOCKER_REGISTRY="https://${{ secrets.AWS_ACCOUNT_ID }}.dkr.ecr.${{ secrets.AWS_REGION }}.amazonaws.com"
49- docker logout $DOCKER_REGISTRY
60+ run : rm -rf ./artifacts
61+
62+ # - name: Login to AWS ECR
63+ # run: |
64+ # DOCKER_REGISTRY="https://${{ secrets.AWS_ACCOUNT_ID }}.dkr.ecr.${{ secrets.AWS_REGION }}.amazonaws.com"
65+ # aws ecr get-login-password --region ${{ secrets.AWS_REGION }} | docker login --username AWS --password-stdin $DOCKER_REGISTRY
66+ #
67+ # - name: Publish image to ECR
68+ # run: docker push $DOCKER_TAG
69+ #
70+ # - name: Logout of AWS ECR (Clean up Credentials)
71+ # if: always()
72+ # run: |
73+ # DOCKER_REGISTRY="https://${{ secrets.AWS_ACCOUNT_ID }}.dkr.ecr.${{ secrets.AWS_REGION }}.amazonaws.com"
74+ # docker logout $DOCKER_REGISTRY
0 commit comments