Skip to content

Commit

Permalink
Use json
Browse files Browse the repository at this point in the history
  • Loading branch information
@ioboi
ioboi committed Feb 5, 2024
1 parent 032324a commit adae787
Showing 1 changed file with 3 additions and 12 deletions.
15 changes: 3 additions & 12 deletions .github/workflows/sbom.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -21,26 +21,17 @@ jobs:
- name: 'Generate SBOM for Ruby dependencies'
uses: docker://ghcr.io/cyclonedx/cdxgen:v10.0.4
with:
args: --spec-version 1.4 -o sbom-ruby.json -t ruby .
args: --spec-version 1.4 -o bom-ruby.json -t ruby .

- name: 'Generate SBOM for Node.js dependencies'
uses: docker://ghcr.io/cyclonedx/cdxgen:v10.0.4
with:
args: --spec-version 1.4 -o sbom-npm.json -t npm .

- name: 'Generate SBOM for Node.js dependencies'
uses: docker://ghcr.io/cyclonedx/cdxgen:v10.0.4
with:
args: cdxgen -r -o bom.json --spec-version 1.4

- name: "Show workspace"
run: |
cat bom.json
args: --spec-version 1.4 -o bom-npm.json -t npm .

- name: 'Merge frontend and backend SBOMs'
uses: docker://cyclonedx/cyclonedx-cli:0.25.0
with:
args: merge --input-files sbom-ruby.json sbom-npm.json --output-file bom.json
args: merge --input-format json --input-files bom-ruby.json bom-npm.json --output-format json --output-file bom.json

- name: 'Push merged SBOM to dependency track'
env:
Expand Down

0 comments on commit adae787

Please sign in to comment.