Skip to content

Commit 40f5969

Browse files
ciarams87ciarams87
committed
Download syft in a separate step
1 parent e93ce37 commit 40f5969

File tree

2 files changed

+5
-10
lines changed

2 files changed

+5
-10
lines changed

.github/workflows/build.yml

Lines changed: 4 additions & 9 deletions
Original file line numberDiff line numberDiff line change
@@ -160,20 +160,15 @@ jobs:
160160
${{ contains(inputs.image, 'plus') && format('"nginx-repo.crt={0}"', secrets.NGINX_CRT) || '' }}
161161
${{ contains(inputs.image, 'plus') && format('"nginx-repo.key={0}"', secrets.NGINX_KEY) || '' }}
162162
163+
- name: Download Syft
164+
uses: anchore/sbom-action/download-syft@cee1b8e05ae5b2593a75e197229729eabaa9f8ec # v0.20.2
165+
if: ${{ inputs.image == 'plus-waf' }}
166+
163167
- name: Inspect SBOM and output manifest
164168
run: |
165169
if [[ "${{ inputs.image }}" == "plus-waf" ]]; then
166170
# For plus-waf, use syft directly
167-
echo "Generating SBOM for plus-waf using syft..."
168-
169-
# Install syft if not available
170-
if ! command -v syft >/dev/null 2>&1; then
171-
curl -sSfL https://raw.githubusercontent.com/anchore/syft/main/install.sh | sh -s -- -b /usr/local/bin
172-
fi
173-
174-
# Generate SBOM using syft directly for plus-waf (known to work with NAP WAF)
175171
syft localhost:5000/nginx-gateway-fabric/${{ inputs.image }}:${{ steps.meta.outputs.version }} -o spdx-json > sbom-${{ inputs.image }}.json
176-
echo "Generated SBOM using syft for plus-waf"
177172
else
178173
# For other images, use the standard Docker buildx approach
179174
docker buildx imagetools inspect localhost:5000/nginx-gateway-fabric/${{ inputs.image }}:${{ steps.meta.outputs.version }} --format '{{ json (index .SBOM "linux/amd64").SPDX }}' > sbom-${{ inputs.image }}.json

README.md

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -68,7 +68,7 @@ The following table lists the software versions NGINX Gateway Fabric supports.
6868

6969
| NGINX Gateway Fabric | Gateway API | Kubernetes | NGINX OSS | NGINX Plus | NGINX Agent | NGINX NAP WAF |
7070
|----------------------|-------------|------------|-----------|------------|-------------|---------------|
71-
| Edge | 1.3.0 | 1.25+ | 1.28.0 | R34 | v3.0.3 | 5.7.0. |
71+
| Edge | 1.3.0 | 1.25+ | 1.28.0 | R34 | v3.0.3 | 5.7.0 |
7272
| 2.0.2 | 1.3.0 | 1.25+ | 1.28.0 | R34 | v3.0.1 | --- |
7373
| 2.0.1 | 1.3.0 | 1.25+ | 1.28.0 | R34 | v3.0.1 | --- |
7474
| 2.0.0 | 1.3.0 | 1.25+ | 1.28.0 | R34 | v3.0.0 | --- |

0 commit comments

Comments
 (0)