Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add SBOM Test to GitHub Workflow #29467

Merged
merged 13 commits into from
Aug 13, 2024
Merged

Add SBOM Test to GitHub Workflow #29467

Changes from all commits
Commits
Show all changes
13 commits
Select commit Hold shift + click to select a range
0a32fb1
Create sbom_generator
rsh1k Aug 6, 2024
42c299f
Update sbom_generator
rsh1k Aug 6, 2024
e1446f4
Update sbom_generator
rsh1k Aug 6, 2024
859a9e2
Update sbom_generator
rsh1k Aug 7, 2024
36c4eb0
Rename sbom_generator to sbom_generator.yaml
rsh1k Aug 7, 2024
09427f0
Merge branch 'master' into sbom
mbiuki Aug 8, 2024
0b21bba
Update sbom_generator.yaml
rsh1k Aug 11, 2024
6d07b5d
Update sbom_generator.yaml
rsh1k Aug 11, 2024
fc6708c
Create sbom.yaml
rsh1k Aug 11, 2024
3da1ae1
Delete .github/workflows/sbom.yaml
rsh1k Aug 11, 2024
9874411
Update sbom_generator.yaml
rsh1k Aug 11, 2024
d7e280a
Merge branch 'master' into sbom
rsh1k Aug 13, 2024
01b95ac
Rename sbom_generator.yaml to legacy-release_sbom-generator.yaml
rsh1k Aug 13, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
73 changes: 73 additions & 0 deletions .github/workflows/legacy-release_sbom-generator.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,73 @@
# Generate SBOM for latest version of dotCMS and put into core-test-repo
on:
release:
types: [published]
workflow_dispatch:
inputs:
dotcms_version:
description: 'Enter the dotCMS version (vYY.MM.DD)'
required: true
default: ''

jobs:
scan:
runs-on: ubuntu-latest
permissions:
contents: write # Ensure write access to contents

steps:
- name: Checkout core-test-results repository
uses: actions/checkout@v3
with:
repository: dotCMS/core-test-results
token: ${{ secrets.GITHUB_TOKEN }}
path: core-test-results

- name: Get dotCMS release version
id: get_version
run: |
if [ "${{ github.event_name }}" == "release" ]; then
# Extract the tag name from the release event context
latest_tag=${{ github.event.release.tag_name }}
else
# Use the input provided in manual run
latest_tag=${{ github.event.inputs.dotcms_version }}
fi

# Format the tag name if necessary
formatted_tag=$(echo "$latest_tag" | sed -e 's/^dotcms-cli-//' -e 's/^v//')

echo "Latest tag: $formatted_tag"
echo "DOTCMS_VERSION=$formatted_tag" >> $GITHUB_ENV

- name: Pull and run dotCMS Docker image
run: |
docker pull dotcms/dotcms:${{ env.DOTCMS_VERSION }}
docker run -d -p 8082:8082 dotcms/dotcms:${{ env.DOTCMS_VERSION }}

- name: Install pipx
run: |
pip install pipx

- name: Scan Docker Image with Syft
run: |
pipx run anchore_syft dotcms/dotcms:${{ env.DOTCMS_VERSION }} -o cyclonedx-xml > core-test-results/sbom/cyclonedx.json

- name: Rename SBOM file with dotCMS version
run: |
mkdir -p core-test-results/sbom
mv core-test-results/sbom/cyclonedx.json core-test-results/sbom/dotcms-${{ env.DOTCMS_VERSION }}.json

- name: Configure Git
run: |
git config --global user.email "action@github.com"
git config --global user.name "Github Actions"

- name: Commit and push results to core-test-results repository
run: |
cd core-test-results
git add sbom/dotcms-${{ env.DOTCMS_VERSION }}.json
git commit -m "Add SBOM for dotCMS version ${{ env.DOTCMS_VERSION }}" || echo "No changes to commit"
git push origin master
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
Loading