From adae787e6a3b59e83012981b38b6d842b0ad3241 Mon Sep 17 00:00:00 2001
From: Yannik Daellenbach
Date: Mon, 5 Feb 2024 14:17:57 +0100
Subject: [PATCH] Use json
---
 .github/workflows/sbom.yml | 15 +++------------
 1 file changed, 3 insertions(+), 12 deletions(-)
diff --git a/.github/workflows/sbom.yml b/.github/workflows/sbom.yml
index f2716826d..a9d82e340 100644
--- a/.github/workflows/sbom.yml
+++ b/.github/workflows/sbom.yml
@@ -21,26 +21,17 @@ jobs:
 - name: 'Generate SBOM for Ruby dependencies'
 uses: docker://ghcr.io/cyclonedx/cdxgen:v10.0.4
 with:
- args: --spec-version 1.4 -o sbom-ruby.json -t ruby .
+ args: --spec-version 1.4 -o bom-ruby.json -t ruby .

 - name: 'Generate SBOM for Node.js dependencies'
 uses: docker://ghcr.io/cyclonedx/cdxgen:v10.0.4
 with:
- args: --spec-version 1.4 -o sbom-npm.json -t npm .
-
- - name: 'Generate SBOM for Node.js dependencies'
- uses: docker://ghcr.io/cyclonedx/cdxgen:v10.0.4
- with:
- args: cdxgen -r -o bom.json --spec-version 1.4
-
- - name: "Show workspace"
- run: |
- cat bom.json
+ args: --spec-version 1.4 -o bom-npm.json -t npm .

 - name: 'Merge frontend and backend SBOMs'
 uses: docker://cyclonedx/cyclonedx-cli:0.25.0
 with:
- args: merge --input-files sbom-ruby.json sbom-npm.json --output-file bom.json
+ args: merge --input-format json --input-files bom-ruby.json bom-npm.json --output-format json --output-file bom.json

 - name: 'Push merged SBOM to dependency track'
 env:
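Review bot: The merge step now fixes the input and output format to JSON but still leaves the output spec version to cyclonedx-cli's default, while both cdxgen steps above request `--spec-version 1.4`; if that pin exists for the consumer's sake, the merged `bom.json` should carry it too, for example by appending `--output-version v1_4` to the merge `args:` line (confirm that cyclonedx-cli 0.25.0 accepts this option on `merge`). Separately, the `uses: docker://…` references in this hunk are pinned by tag only, and the following step, whose `env:` block continues outside the hunk, pushes the result to Dependency-Track; pinning each image by digest (`image:tag@sha256:<digest>`) would keep a re-pushed tag from changing what runs in this job. A short comment above the merge step saying why spec version 1.4 is required would help the next editor.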