-
Notifications
You must be signed in to change notification settings - Fork 14
50 lines (47 loc) · 1.51 KB
/
sbom-docker.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
name: SBOM Docker Artifact
on:
workflow_run:
workflows: ['Docker Image CI']
types:
- completed
branches: [main]
push:
branches: [dev]
jobs:
get-images:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
with:
fetch-depth: '0'
- name: Get version from git
run: echo "RELEASE_VERSION=$(git describe --tags --abbrev=0 | grep -Eo '[0-9]+\.[0-9]+.[0-9]+')" >> $GITHUB_ENV
- name: Set release channel for dev
run: echo "RELEASE_CHANNEL=-dev" >> $GITHUB_ENV
if: ${{ github.ref_name == 'dev' }}
- name: Test release tag version and channel
run: echo "RELEASE_VERSION == $RELEASE_VERSION CHANNEL == $RELEASE_CHANNEL"
- name: Install jq
run: |
sudo apt-get update
sudo apt-get install jq
- name: Set Matrix output
id: set-matrix
run: |
JSON=$(grep "image:" docker-compose.yml | awk '{print $2}' | jq --raw-input -s -c 'split("\n")|.[0:-1]' | sed "s/:[^\"]*/:${RELEASE_VERSION:-latest}${RELEASE_CHANNEL:-}/g")
echo "debug: matrix=$JSON"
echo "matrix=$( echo "$JSON" )" >> $GITHUB_OUTPUT
outputs:
matrix: ${{ steps.set-matrix.outputs.matrix }}
sbom:
name: Generate SBOMs
needs: get-images
runs-on: ubuntu-latest
strategy:
matrix:
image: ${{ fromJson(needs.get-images.outputs.matrix) }}
steps:
- name: Generate SBOM
uses: anchore/sbom-action@v0
with:
image: ${{ matrix.image }}