Add SBOM generation command (CycloneDX/SPDX format) #3
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Build | |
| on: | |
| push: | |
| branches: [main] | |
| tags: ['v*'] | |
| pull_request: | |
| branches: [main] | |
| jobs: | |
| build: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Set up Go | |
| uses: actions/setup-go@v5 | |
| with: | |
| go-version: '1.22' | |
| - name: Build binaries | |
| working-directory: ./eventgen | |
| run: | | |
| VERSION=${GITHUB_REF_NAME:-dev} | |
| BUILD_TIME=$(date -u '+%Y-%m-%d_%H:%M:%S') | |
| LDFLAGS="-s -w -X main.version=${VERSION} -X main.buildTime=${BUILD_TIME}" | |
| echo "Building version: $VERSION" | |
| # Linux AMD64 | |
| CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build -ldflags="$LDFLAGS" -o bin/qcr-linux-amd64 ./cmd/main.go | |
| # Linux ARM64 | |
| CGO_ENABLED=0 GOOS=linux GOARCH=arm64 go build -ldflags="$LDFLAGS" -o bin/qcr-linux-arm64 ./cmd/main.go | |
| # macOS AMD64 | |
| CGO_ENABLED=0 GOOS=darwin GOARCH=amd64 go build -ldflags="$LDFLAGS" -o bin/qcr-darwin-amd64 ./cmd/main.go | |
| # macOS ARM64 (Apple Silicon) | |
| CGO_ENABLED=0 GOOS=darwin GOARCH=arm64 go build -ldflags="$LDFLAGS" -o bin/qcr-darwin-arm64 ./cmd/main.go | |
| # Windows AMD64 | |
| CGO_ENABLED=0 GOOS=windows GOARCH=amd64 go build -ldflags="$LDFLAGS" -o bin/qcr-windows-amd64.exe ./cmd/main.go | |
| ls -la bin/ | |
| - name: Upload artifacts | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: qcr-binaries | |
| path: eventgen/bin/qcr-* | |
| docker: | |
| runs-on: ubuntu-latest | |
| needs: build | |
| if: github.event_name == 'push' && github.ref == 'refs/heads/main' | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v3 | |
| - name: Build Docker images | |
| working-directory: ./eventgen | |
| run: | | |
| docker build --target production -t qualys/qcr:latest . | |
| docker build --target eventgen -t qualys/qcr-eventgen:latest . | |
| release: | |
| runs-on: ubuntu-latest | |
| needs: build | |
| if: startsWith(github.ref, 'refs/tags/v') | |
| permissions: | |
| contents: write | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Download artifacts | |
| uses: actions/download-artifact@v4 | |
| with: | |
| name: qcr-binaries | |
| path: bin/ | |
| - name: Create checksums | |
| run: | | |
| cd bin | |
| sha256sum qcr-* > checksums.txt | |
| cat checksums.txt | |
| - name: Create Release | |
| uses: softprops/action-gh-release@v1 | |
| with: | |
| files: | | |
| bin/qcr-* | |
| bin/checksums.txt | |
| generate_release_notes: true |