Skip to content

Commit 9ad9579

Browse files
tdrueztdruez
committed
Debug GitHub workflow for OWASP dep-scan
Signed-off-by: tdruez <[email protected]>
1 parent da75f7f commit 9ad9579

File tree

1 file changed

+1
-18
lines changed

1 file changed

+1
-18
lines changed

.github/workflows/sca-integration-depscan.yml

Lines changed: 1 addition & 18 deletions
Original file line numberDiff line numberDiff line change
@@ -34,28 +34,11 @@ jobs:
3434
- name: Generate SBOM with OWASP dep-scan
3535
run: |
3636
depscan \
37-
--src docker-image.tar \
37+
--src ${{ env.IMAGE_REFERENCE }} \
3838
--type docker \
3939
--reports-dir reports \
4040
--explain
4141
42-
# --report-name depscan-sbom.cdx.json
43-
# env:
44-
# SCAN_DEBUG_MODE: debug
45-
#
46-
# - name: Generate SBOM with OWASP dep-scan
47-
# run: |
48-
# docker run --rm -v ${{ github.workspace }}:/app \
49-
# -e SCAN_DEBUG_MODE=debug \
50-
# ghcr.io/owasp-dep-scan/dep-scan depscan \
51-
# --src /app/docker-image.tar \
52-
# --type docker,license \
53-
# --explain \
54-
# --reports-dir /app/reports/ \
55-
# --report-name depscan-sbom.cdx.json
56-
57-
# - run: ls -la reports
58-
5942
- name: Upload SBOM as GitHub Artifact
6043
uses: actions/upload-artifact@v4
6144
with:

0 commit comments

Comments
 (0)