DEBUG cdxgen

Signed-off-by: tdruez <[email protected]>

Author: tdruez

.github/workflows/sca-integration-cdxgen.yml

@@ -11,7 +11,8 @@ permissions:
   contents: read
 
 env:
-  IMAGE_REFERENCE: "python:3.13.0-slim"
+#  IMAGE_REFERENCE: "python:3.13.0-slim"
+  IMAGE_REFERENCE: "alpine:3.17.0"
 
 jobs:
   generate-and-load-sbom:
@@ -26,7 +27,7 @@ jobs:
         run: npm install @cyclonedx/cdxgen
 
       - name: Generate SBOM with CycloneDX cdxgen
-        run: npx cdxgen ${{ env.IMAGE_REFERENCE }} --type docker -output cdxgen-sbom.cdx.json
+        run: cdxgen ${{ env.IMAGE_REFERENCE }} --type docker -output cdxgen-sbom.cdx.json --profile license-compliance --json-pretty
 
       - name: Upload SBOM as GitHub Artifact
         uses: actions/upload-artifact@v4