stephen/harbor-ci-cd-demo
1
0
Fork 0
Code Issues Pull Requests Actions Releases Wiki Activity

Debug sbom upload
Some checks failed
CI/CD Pipeline - Build, Test, and Deploy / 🏗️ Build & Push Image (push) Failing after 12s
Details
CI/CD Pipeline - Build, Test, and Deploy / 🧹 Cleanup (push) Successful in 1s
Details

Browse Source
This commit is contained in:
stephenminakian
2025-07-03 09:06:05 -06:00
parent 24459502e9
commit 4874ca099d
1 changed files with 14 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

19
.gitea/workflows/ci-cd.yml
View File

@ -143,11 +143,20 @@ jobs:
echo "SBOM generated successfully"
- name: Upload SBOM
uses: actions/upload-artifact@v3
with:
name: sbom
path: sbom.spdx.json
- name: Upload SBOM to Harbor via ORAS
run: |
curl -sSL https://install.oras.land/install.sh | sh -s -- -b /usr/local/bin
IMAGE="${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:latest"
# Authenticate (ensure $HARBOR_USERNAME and $HARBOR_TOKEN are exported already)
echo "${{ secrets.HARBOR_TOKEN }}" | oras login ${{ env.REGISTRY }} -u '${{ secrets.HARBOR_USERNAME }}' --password-stdin
# Push the SBOM attached to the image
oras push $IMAGE \
--artifact-type application/spdx+json \
--subject $IMAGE \
sbom.spdx.json:application/spdx+json
# Job 4: Image Security Scan
# scan: