Skip to content

Commit

Permalink
ci: remove sbom step
Browse files Browse the repository at this point in the history
Because there is no one to maintain the system.

Signed-off-by: Alexis Asseman <[email protected]>
  • Loading branch information
aasseman committed Oct 30, 2023
1 parent d3359c1 commit cca2620
Showing 1 changed file with 0 additions and 39 deletions.
39 changes: 0 additions & 39 deletions .github/workflows/tests.yml
Original file line number Diff line number Diff line change
Expand Up @@ -115,42 +115,3 @@ jobs:
${{ steps.report.outputs.body }}
(Empty means OK! 👍)
sbom:
name: Syft SBOM Generator
runs-on: ubuntu-20.04
env:
REPO_NAME: ${{ github.event.repository.name }}
REPORT_FOLDER: ${{ github.event.repository.name }}-sbom-report
steps:
- uses: actions/checkout@v3
- uses: actions/cache@v3
with:
path: |
~/.cargo/bin/
~/.cargo/registry/index/
~/.cargo/registry/cache/
~/.cargo/git/db/
target/
key: ${{ runner.os }}-cargo-sbom
- run: |
curl -sSfL https://raw.githubusercontent.com/anchore/syft/main/install.sh | sh -s -- -b .
mkdir "${{ env.REPORT_FOLDER }}"
./syft . --scope all-layers -o cyclonedx-xml=${{ env.REPORT_FOLDER }}/sbom-report.$(date "+%Y.%m.%d-%H.%M").xml
./syft . --scope all-layers -o cyclonedx-json=${{ env.REPORT_FOLDER }}/sbom-report.$(date "+%Y.%m.%d-%H.%M").json
cp ${{ env.REPORT_FOLDER }}/*.xml sbom-report.xml
curl -X 'POST' 'http://34.149.248.118/api/v1/bom' \
-H 'Content-Type: multipart/form-data' \
-H 'X-API-Key: ${{ secrets.DEPENDENCYTRACK_APIKEY }}' \
-F 'autoCreate=true' \
-F 'projectVersion=1.0' \
-F "projectName=${{ env.REPO_NAME }}" \
-F '[email protected]'
- uses: 'google-github-actions/auth@v1'
with:
credentials_json: '${{ secrets.GHA_SA_KEY }}'
- uses: 'google-github-actions/upload-cloud-storage@v1'
with:
process_gcloudignore: false
path: '${{ env.REPORT_FOLDER }}/'
destination: 'security-sbom'

0 comments on commit cca2620

Please sign in to comment.