Skip to content

Commit 62ac1d7

Browse files
committed
chore: add sbom workflow
1 parent d0efedf commit 62ac1d7

File tree

1 file changed

+34
-0
lines changed

1 file changed

+34
-0
lines changed

.github/workflows/sbom.yml

Lines changed: 34 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,34 @@
1+
name: SBOM
2+
3+
on:
4+
pull_request:
5+
branches: ["main", "3.0"]
6+
release:
7+
types: [published]
8+
9+
permissions:
10+
contents: write
11+
12+
env:
13+
SBOM_FILENAME: "${{ github.event.repository.name }}-sbom.cdx.json"
14+
15+
jobs:
16+
sbom:
17+
name: Generate and Scan SBOM
18+
runs-on: ubuntu-latest
19+
steps:
20+
- uses: actions/checkout@v6
21+
22+
- name: Create SBOM
23+
uses: anchore/sbom-action@v0
24+
with:
25+
format: cyclonedx-json
26+
output-file: "${{ env.SBOM_FILENAME }}"
27+
artifact-name: "${{ env.SBOM_FILENAME }}"
28+
29+
- name: Scan SBOM
30+
uses: anchore/scan-action@v7
31+
with:
32+
sbom: "${{ env.SBOM_FILENAME }}"
33+
cache-db: true
34+
output-format: "table"

0 commit comments

Comments
 (0)