stephen/harbor-ci-cd-demo
1
0
Fork 0
Code Issues Pull Requests Actions Releases Wiki Activity

Update SBOM generation
Some checks failed
CI/CD Pipeline - Build, Test, and Deploy / 🧪 Test & Lint (push) Successful in 9m31s
Details
CI/CD Pipeline - Build, Test, and Deploy / 🔒 Security Scan (push) Successful in 9m30s
Details
CI/CD Pipeline - Build, Test, and Deploy / 🏗️ Build & Push Image (push) Failing after 24s
Details
CI/CD Pipeline - Build, Test, and Deploy / 🛡️ Image Security Scan (push) Has been skipped
Details
CI/CD Pipeline - Build, Test, and Deploy / 🚀 Deploy to Development (push) Has been skipped
Details
CI/CD Pipeline - Build, Test, and Deploy / 🏭 Deploy to Production (push) Has been skipped
Details
CI/CD Pipeline - Build, Test, and Deploy / 🧹 Cleanup (push) Successful in 1s
Details

Browse Source
This commit is contained in:
stephenminakian
2025-07-03 00:10:13 -06:00
parent adcf818c0d
commit 5bdd6b2d29
1 changed files with 17 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

22
.gitea/workflows/ci-cd.yml
View File

@ -121,11 +121,23 @@ jobs:
cache-to: type=registry,ref=${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:buildcache,mode=max
- name: Generate SBOM
uses: anchore/sbom-action@v0
with:
image: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ github.sha }}
format: spdx-json
output-file: sbom.spdx.json
run: |
# Install syft
curl -sSfL https://raw.githubusercontent.com/anchore/syft/main/install.sh | sh -s -- -b /usr/local/bin
# Login to registry (if needed)
echo "${{ secrets.HARBOR_TOKEN }}" | docker login ${{ env.REGISTRY }} -u ${{ secrets.HARBOR_USERNAME }} --password-stdin
# Generate SBOM using latest tag
syft ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:latest -o spdx-json > sbom.spdx.json
# Verify SBOM was created
if [ ! -f sbom.spdx.json ]; then
echo "Failed to generate SBOM"
exit 1
fi
echo "SBOM generated successfully"
- name: Upload SBOM
uses: actions/upload-artifact@v3