dotCMS · rsh1k · Aug 14, 2024 · Aug 14, 2024 · Aug 14, 2024 · Aug 15, 2024
@@ -1,4 +1,6 @@
-# Generate SBOM for latest version of dotCMS and put into core-test-repo
+#Generate SBOM for the latest dotCMS version
+name: Generate and Commit SBOM
+
 on:
   release:
     types: [published]
@@ -16,14 +18,14 @@ jobs:
       contents: write  # Ensure write access to contents
 
     steps:
-      - name: Checkout core-test-results repository
+      - name: Checkout core repository
         uses: actions/checkout@v3
         with:
-          repository: dotCMS/core-test-results
+          repository: dotCMS/core
           token: ${{ secrets.GITHUB_TOKEN }}
-          path: core-test-results
+          path: core
 
-      - name: Get dotCMS release version
+      - name: Get dotCMS release version and set the branch name based on formatted version
         id: get_version
         run: |
           if [ "${{ github.event_name }}" == "release" ]; then
@@ -33,41 +35,64 @@ jobs:
             # Use the input provided in manual run
             latest_tag=${{ github.event.inputs.dotcms_version }}
           fi
+          # Format the tag name: remove 'v' prefix
+          formatted_tag=$(echo "$latest_tag" | sed -e 's/^v//' -e 's/^dotcms-cli-//')
+          # Construct the branch name based on the formatted version
+          branch_name="release-${formatted_tag}"
+          echo "DOTCMS_VERSION=${formatted_tag}" >> $GITHUB_ENV
+          echo "BRANCH_NAME=${branch_name}" >> $GITHUB_ENV
 
-          # Format the tag name if necessary
-          formatted_tag=$(echo "$latest_tag" | sed -e 's/^dotcms-cli-//' -e 's/^v//')
-
-          echo "Latest tag: $formatted_tag"
-          echo "DOTCMS_VERSION=$formatted_tag" >> $GITHUB_ENV
+      - name: Print environment variables
+        run: |
+          echo "DOTCMS_VERSION=${{ env.DOTCMS_VERSION }}"
+          echo "BRANCH_NAME=${{ env.BRANCH_NAME }}"
 
       - name: Pull and run dotCMS Docker image
         run: |
+          if [ -z "${{ env.DOTCMS_VERSION }}" ]; then
+            echo "Error: DOTCMS_VERSION is not set"
+            exit 1
+          fi
           docker pull dotcms/dotcms:${{ env.DOTCMS_VERSION }}
           docker run -d -p 8082:8082 dotcms/dotcms:${{ env.DOTCMS_VERSION }}
 
       - name: Install pipx
         run: |
           pip install pipx
 
+
       - name: Scan Docker Image with Syft
         run: |
-          pipx run anchore_syft dotcms/dotcms:${{ env.DOTCMS_VERSION }} -o cyclonedx-xml > core-test-results/sbom/cyclonedx.json
+          pipx run anchore_syft dotcms/dotcms:${{ env.DOTCMS_VERSION }} -o cyclonedx-xml > core/sbom-cyclonedx.json
+
+
+      - name: Fetch all branches and list them
+        run: |
+          cd core
+          git fetch --all
+          git branch -a
+
+      - name: Check out the target branch
+        run: |
+          cd core
+          git fetch origin ${{ env.BRANCH_NAME }}
+          git checkout -b ${{ env.BRANCH_NAME }} origin/${{ env.BRANCH_NAME }} || { echo "Failed to checkout branch ${{ env.BRANCH_NAME }}"; exit 1; }
 
-      - name: Rename SBOM file with dotCMS version
+      - name: Confirm branch checkout
         run: |
-          mkdir -p core-test-results/sbom
-          mv core-test-results/sbom/cyclonedx.json core-test-results/sbom/dotcms-${{ env.DOTCMS_VERSION }}.json
+          cd core
+          git status
 
       - name: Configure Git
         run: |
           git config --global user.email "[email protected]"
           git config --global user.name "Github Actions"
 
-      - name: Commit and push results to core-test-results repository
+      - name: Commit and push results to target branch
         run: |
-          cd core-test-results
-          git add sbom/dotcms-${{ env.DOTCMS_VERSION }}.json
+          cd core
+          git add sbom-cyclonedx.json
           git commit -m "Add SBOM for dotCMS version ${{ env.DOTCMS_VERSION }}" || echo "No changes to commit"
-          git push origin master
+          git push origin ${{ env.BRANCH_NAME }}
         env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} 
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}