
Commit c59fb5a

authored
Update action.yml
1 parent 60035bb commit c59fb5a


1 file changed

+18
-90
lines changed


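--- a/action.yml
+++ b/action.yml
@@ -1,90 +1,7 @@
-name: "SBOM-TM Action"
-description: "Run SBOM-TM CLI (scan/diff) inside GitHub workflows."
-author: "SBOM-TM"
-branding:
-icon: "shield"
-color: "purple"
-
-inputs:
-command:
-description: 'SBOM-TM subcommand to run (scan|diff)'
-required: true
-default: 'scan'
-args:
-description: 'Additional args to pass to the CLI'
-required: false
-default: ''
-project:
-description: 'Project name to use for reports'
-required: false
-default: 'default'
-offline:
-description: 'Run trivy in offline mode (true/false)'
-required: false
-default: 'false'
-report-path:
-description: 'Relative path to write the markdown report inside the workspace'
-required: false
-default: 'data/cache/reports'
-
-runs:
-using: "docker"
-image: "Dockerfile"
-args:
-- ${{ inputs.command }}
-- ${{ inputs.args }}
-- ${{ inputs.project }}
-- ${{ inputs.offline }}
-- ${{ inputs.report-path }}
-name: "SBOM-TM Action"
-description: "Run SBOM-TM CLI (scan/diff) inside a GitHub workflow and post reports."
-inputs:
-command:
-description: 'SBOM-TM subcommand to run (scan|diff)'
-required: true
-default: 'scan'
-args:
-description: 'Additional args to pass to the CLI'
-required: false
-default: ''
-project:
-description: 'Project name to use for reports'
-required: false
-default: 'default'
-python-version:
-description: 'Python version for the runner'
-required: false
-default: '3.11'
-runs:
-using: 'composite'
-steps:
-- name: Checkout repository
-uses: actions/checkout@v4
-
-- name: Setup Python
-uses: actions/setup-python@v4
-with:
-python-version: ${{ inputs.python-version }}
-
-- name: Install package
-shell: bash
-run: |
-python -m pip install --upgrade pip
-pip install .
-
-- name: Make entrypoint executable
-run: |
-if [ -f ./entrypoint.sh ]; then chmod +x ./entrypoint.sh; fi
-
-- name: Run SBOM-TM
-shell: bash
-env:
-PROJECT: ${{ inputs.project }}
-run: |
-./entrypoint.sh "${{ inputs.command }}" "${{ inputs.args }}" "${{ inputs.project }}"
 name: "SBOM-TM CI Security Gate"
 description: "Commit-aware SBOM + Trivy + RuleEngine diff/scan for GitHub PRs and pushes"
 author: "Hitesh / sbom-tm"
+
 branding:
 icon: "shield"
 color: "purple"
@@ -94,27 +11,38 @@ inputs:
 description: "auto | scan | diff (auto = diff on PRs, scan on pushes)"
 required: false
 default: "auto"
+
 base:
-description: "Base ref for diff (e.g. origin/main). If empty, sbom-tm chooses merge-base."
+description: "Base ref for diff"
 required: false
 default: ""
+
 project:
-description: "Logical project name (used in reports)"
+description: "Project name"
 required: false
 default: "default"
+
 offline:
-description: "Use Trivy offline mode (true/false)"
+description: "Use Trivy offline mode"
 required: false
 default: "false"
+
 report-path:
-description: "Relative path (within repo) for the Markdown report"
+description: "Markdown report output path"
 required: false
 default: "sbom-tm-report.md"
 
 outputs:
 report_path:
-description: "Relative path of the generated Markdown report (for PR comments)"
+description: "Markdown report for PR comments"
 
 runs:
 using: "docker"
-image: "Dockerfile"
+image: "ghcr.io/h-strangeone/sbom-tm:latest"
+
+args:
+- ${{ inputs.mode }}
+- ${{ inputs.base }}
+- ${{ inputs.project }}
+- ${{ inputs.offline }}
+- ${{ inputs['report-path'] }}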
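Review bot: The new `image: "ghcr.io/h-strangeone/sbom-tm:latest"` line under `runs:` points at a mutable tag, so a workflow that pins this action to a commit SHA still runs whatever image `latest` resolves to at job time, which undercuts pinning for an action presented as a security gate. Pin the image by digest and bump it with each release, e.g. `image: "docker://ghcr.io/h-strangeone/sbom-tm@sha256:<IMAGE_DIGEST>"` (placeholder digest). The `docker://` prefix should also be confirmed: GitHub's action metadata syntax uses it for registry images, and a value without it is likely to be read as a path to a local Dockerfile. Separately, `base` defaults to `""` and is now passed as a positional argument while its description no longer says what an empty value means; restoring a short note such as `"Base ref for diff (empty = merge-base)"` would keep that contract visible to callers.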
