Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Generating SBOMs, Updating Deps and releasing dbs to dockerhub too #706

Merged
merged 23 commits into from
Nov 17, 2022
Merged

Generating SBOMs, Updating Deps and releasing dbs to dockerhub too #706

merged 23 commits into from
Nov 17, 2022

Conversation

ismisepaul
Copy link
Member

@ismisepaul ismisepaul commented Sep 30, 2022
edited
Loading

Please squash this

  • Generate SBOM at Maven Build
  • Generate SBOMs for the 3 docker containers
  • Update dependencies
  • Run release only when a pull request has been merged into master or dev
  • Run test only when there is a push or pull request to dev or master
  • Push databases - MariaDb and MongoDb to Dockerhub
  • Structure test pipeline so that if linting fails stop running the CI and fail, then kick of build, then kick off both unit and integration tests
  • Structure release pipeline to build and create SBOMs and only if that passes push the Docker images to Dockerhub
  • Release ran here https://github.com/OWASP/SecurityShepherd/actions/runs/3161919906 (changed back to OWASP from ismisepaul in this pull request)
  • Test ran here https://github.com/OWASP/SecurityShepherd/actions/runs/3161919911

image

image

@ismisepaul
Adding support to generate an SBOM - cyclonedx
239b8d8
@ismisepaul
only run release when a pull request has been closed on dev or master
f02f7dd
@ismisepaul
run sbom
41081ca
@ismisepaul
testing needs
816b142
@ismisepaul
testing release
af95058
@ismisepaul
testing release
027b6df
@ismisepaul
testing release
0b37a45
@ismisepaul
testing release
2e7386b
@ismisepaul
testing release
49eeabf
@ismisepaul
testing release
c6b87e4
@ismisepaul
testing sbom generation for docker images
5e05f19
@ismisepaul
testing sbom generation for docker images
3f6aeae
@ismisepaul
testing sbom generation for docker images
370e0a3
@ismisepaul
testing sbom generation for docker images
b751fe8
@ismisepaul
testing sbom generation for docker images
83b796a
@ismisepaul
no more typos
8aefa0c
@ismisepaul
sboms in the release instead of test
867fed4
@ismisepaul
output sboms to target
47fe43a
@ismisepaul
output sboms to target
6942c72
@ismisepaul
output sboms to target
afe11a9
@ismisepaul
only run against master and dev and back to OWASP
0b431d3
@ismisepaul
sbom only at release
40ed02a
@ismisepaul ismisepaul added Enhancement Distribution dependencies Pull requests that update a dependency file labels Oct 3, 2022
@ismisepaul ismisepaul merged commit cce805a into dev Nov 17, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@markdenihan markdenihan Awaiting requested review from markdenihan

Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file Distribution Enhancement
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@ismisepaul