beckermj/vaguerent
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
vaguerent/.github/workflows/microsoft-sbom.yml
Sandhya K 30a97de0c4
Create microsoft-sbom.yml
2024-02-09 16:34:33 +05:30

35 lines
891 B
YAML
Raw Blame History

name: "Microsft SBOM"
on:
push:
branches: [ "main" ]
pull_request:
branches: [ "main" ]
jobs:
analyze:
name: Analyze
runs-on: ubuntu-latest
permissions:
actions: read
contents: read
steps:
- name: Checkout repository
uses: actions/checkout@v3
- name: Installing SBOM
run: |
curl -Lo $RUNNER_TEMP/sbom-tool https://github.com/microsoft/sbom-tool/releases/latest/download/sbom-tool-linux-x64
chmod +x $RUNNER_TEMP/sbom-tool
- name: Generate SBOM
run: |
mkdir SBOMOUTPUT
$RUNNER_TEMP/sbom-tool generate -b SBOMOUTPUT/ -bc . -pn ${{ github.repository }} -pv alpha -ps wipro -nsb https://github.com/hashicorp/vagrant
- name: Upload SBOM artifact
uses: actions/upload-artifact@v3
with:
name: sbom
path: SBOMOUTPUT/_manifest/spdx_2.2/manifest.spdx.json
Reference in New Issue View Git Blame Copy Permalink