Merge pull request #4 from rbrayner/fix-sbom-artifact-upload

rbrayner · web-flow · commit 8362b7e40347 · 2024-11-25T07:16:43.000-03:00
Merge pull request #3 from rbrayner/add-sbom-scan
diff --git a/.github/workflows/security_analysis.yml b/.github/workflows/security_analysis.yml
@@ -51,16 +51,16 @@ jobs:
         run: npm install --global @cyclonedx/cyclonedx-npm
       - name: Generate SBOM file
         run: npx @cyclonedx/cyclonedx-npm --output-file sbom.json
-      - name: Scan SBOM
-        uses: anchore/scan-action@v3
-        with:
-          sbom: "sbom.json"
-          output-format: table
       - name: Upload SBOM artifact
         uses: actions/upload-artifact@v3
         with:
           name: sbom
           path: sbom.json
+      - name: Scan SBOM
+        uses: anchore/scan-action@v3
+        with:
+          sbom: "sbom.json"
+          output-format: table
 
   bearer:
     name: Bearer
