diff --git a/.github/workflows/legacy-release_sbom-generator.yaml b/.github/workflows/legacy-release_sbom-generator.yaml
index 0ed9f9555dad..bcf1c121c467 100644
--- a/.github/workflows/legacy-release_sbom-generator.yaml
+++ b/.github/workflows/legacy-release_sbom-generator.yaml
@@ -1,4 +1,6 @@
-# Generate SBOM for latest version of dotCMS and put into core-test-repo
+#Generate SBOM for the latest dotCMS version
+name: Generate and Commit SBOM
+
 on:
 release:
 types: [published]
@@ -16,14 +18,14 @@ jobs: contents: write # Ensure write access to contents steps: - - name: Checkout core-test-results repository + - name: Checkout core repository uses: actions/checkout@v3 with: - repository: dotCMS/core-test-results + repository: dotCMS/core token: ${{ secrets.GITHUB_TOKEN }} - path: core-test-results + path: core - - name: Get dotCMS release version + - name: Get dotCMS release version and set the branch name based on formatted version id: get_version run: | if [ "${{ github.event_name }}" == "release" ]; then 
@@ -33,15 +35,24 @@ jobs: # Use the input provided in manual run latest_tag=${{ github.event.inputs.dotcms_version }} fi + # Format the tag name: remove 'v' prefix + formatted_tag=$(echo "$latest_tag" | sed -e 's/^v//' -e 's/^dotcms-cli-//') + # Construct the branch name based on the formatted version + branch_name="release-${formatted_tag}" + echo "DOTCMS_VERSION=${formatted_tag}" >> $GITHUB_ENV + echo "BRANCH_NAME=${branch_name}" >> $GITHUB_ENV - # Format the tag name if necessary - formatted_tag=$(echo "$latest_tag" | sed -e 's/^dotcms-cli-//' -e 's/^v//') - - echo "Latest tag: $formatted_tag" - echo "DOTCMS_VERSION=$formatted_tag" >> $GITHUB_ENV + - name: Print environment variables + run: | + echo "DOTCMS_VERSION=${{ env.DOTCMS_VERSION }}" + echo "BRANCH_NAME=${{ env.BRANCH_NAME }}" - name: Pull and run dotCMS Docker image run: | + if [ -z "${{ env.DOTCMS_VERSION }}" ]; then + echo "Error: DOTCMS_VERSION is not set" + exit 1 + fi docker pull dotcms/dotcms:${{ env.DOTCMS_VERSION }} docker run -d -p 8082:8082 dotcms/dotcms:${{ env.DOTCMS_VERSION }} 
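Review bot: The version string is written to `$GITHUB_ENV` without validation and then expanded with `${{ env.DOTCMS_VERSION }}` / `${{ env.BRANCH_NAME }}` directly inside `run:` scripts, so the release tag or the `dotcms_version` dispatch input becomes part of the script text before the shell parses it. Both values are already exported to later steps, so the new guard can read `if [ -z "$DOTCMS_VERSION" ]; then` and the docker lines can use `"dotcms/dotcms:${DOTCMS_VERSION}"`; the same applies to the `git fetch`, `git checkout` and `git push` lines that use `BRANCH_NAME` in the following hunk. Before the two `echo ... >> $GITHUB_ENV` lines I would reject anything that is not a plain version, e.g. `case "$formatted_tag" in ''|*[!A-Za-z0-9._-]*) echo "Invalid version: $formatted_tag"; exit 1;; esac`. The `get_version` step begins above this hunk, and the unquoted `latest_tag=${{ github.event.inputs.dotcms_version }}` context line has the same shape.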
@@ -49,25 +60,39 @@ jobs: run: | pip install pipx + - name: Scan Docker Image with Syft run: | - pipx run anchore_syft dotcms/dotcms:${{ env.DOTCMS_VERSION }} -o cyclonedx-xml > core-test-results/sbom/cyclonedx.json + pipx run anchore_syft dotcms/dotcms:${{ env.DOTCMS_VERSION }} -o cyclonedx-xml > core/sbom-cyclonedx.json + + + - name: Fetch all branches and list them + run: | + cd core + git fetch --all + git branch -a + + - name: Check out the target branch + run: | + cd core + git fetch origin ${{ env.BRANCH_NAME }} + git checkout -b ${{ env.BRANCH_NAME }} origin/${{ env.BRANCH_NAME }} || { echo "Failed to checkout branch ${{ env.BRANCH_NAME }}"; exit 1; } - - name: Rename SBOM file with dotCMS version + - name: Confirm branch checkout run: | - mkdir -p core-test-results/sbom - mv core-test-results/sbom/cyclonedx.json core-test-results/sbom/dotcms-${{ env.DOTCMS_VERSION }}.json + cd core + git status - name: Configure Git run: | git config --global user.email "action@github.com" git config --global user.name "Github Actions" - - name: Commit and push results to core-test-results repository + - name: Commit and push results to target branch run: | - cd core-test-results - git add sbom/dotcms-${{ env.DOTCMS_VERSION }}.json + cd core + git add sbom-cyclonedx.json git commit -m "Add SBOM for dotCMS version ${{ env.DOTCMS_VERSION }}" || echo "No changes to commit" - git push origin master + git push origin ${{ env.BRANCH_NAME }} env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
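Review bot: The Syft step asks for `-o cyclonedx-xml` but redirects into `core/sbom-cyclonedx.json`, so the file committed to the release branch is XML under a JSON name; `-o cyclonedx-json` (or a `.xml` filename) would make the artifact match what consumers will try to parse. The scanner is fetched with an unversioned `pipx run anchore_syft` in a job that declares `contents: write` and passes `secrets.GITHUB_TOKEN` to the `dotCMS/core` checkout in an earlier hunk, so pinning it to an exact version, `pipx run anchore_syft==<PINNED_VERSION> ...`, would keep the tool that generates the committed SBOM reproducible. `git commit ... || echo "No changes to commit"` also reports every commit failure as "no changes" before the push runs; testing `git diff --cached --quiet` first would separate the empty case from a real error.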