Commit

Permalink
chore(deps): upload sbom to gh release/tag assets (#9966)
ci(update): upload sbom to gh release/tag assets (#9963)

upload sbom to gh release/tag assets

Signed-off-by: saisatishkarra <saisatish.karra@konghq.com>
(cherry picked from commit e586b12)

Co-authored-by: saisatishkarra <saisatish.karra@konghq.com>
Automaat and saisatishkarra authored Apr 17, 2024
1 parent c6d7d77 commit 6fbdafe
Showing 2 changed files with 7 additions and 4 deletions.
8 changes: 5 additions & 3 deletions .github/workflows/_build_publish.yaml
Expand Up @@ -128,17 +128,19 @@ jobs:
make test/container-structure/${{ matrix.image }}
- name: scan amd64 image
id: scan_image-amd64
uses: Kong/public-shared-actions/security-actions/scan-docker-image@590c699fe824010d7d563a33cc60500d847d3f9e # v2.1.0
uses: Kong/public-shared-actions/security-actions/scan-docker-image@0ff22c9835d745aefc41a99de6d526dc9e984105 # v2.2.0
with:
asset_prefix: image_${{ matrix.image }}-amd64
image: ./build/docker/${{ matrix.image }}-amd64.tar
upload-sbom-release-assets: true
- name: scan arm64 image
id: scan_image-arm64
if: ${{ fromJSON(inputs.FULL_MATRIX) }}
uses: Kong/public-shared-actions/security-actions/scan-docker-image@590c699fe824010d7d563a33cc60500d847d3f9e # v2.1.0
uses: Kong/public-shared-actions/security-actions/scan-docker-image@0ff22c9835d745aefc41a99de6d526dc9e984105 # v2.2.0
with:
asset_prefix: image_${{ matrix.image }}-arm64
image: ./build/docker/${{ matrix.image }}-arm64.tar
upload-sbom-release-assets: true
# TODO in the future we may want to have prerelease images and use `regctl image copy` to move them to their final location
- name: publish images
id: release_images
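Review bot: `upload-sbom-release-assets: true` is hard-coded on both the `scan amd64 image` and `scan arm64 image` steps, so the upload is requested on every run of this workflow, while the arm64 scan itself is gated on `inputs.FULL_MATRIX`. Attaching files to a release is a write to the repository, so confirm that the action skips the upload when the run is not for a release or tag, or drive the input from an expression instead of a literal. If the upload uses the workflow token, the job needs `contents: write`; that setting is outside the visible lines, so check that it is granted to this job only. A one-line comment next to the input saying where the SBOM ends up would also help the next reader.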
Expand Down Expand Up @@ -182,7 +184,7 @@ jobs:
- name: sign image
if: ${{ fromJSON(inputs.ALLOW_PUSH) }}
id: sign
uses: Kong/public-shared-actions/security-actions/sign-docker-image@590c699fe824010d7d563a33cc60500d847d3f9e # v2.1.0
uses: Kong/public-shared-actions/security-actions/sign-docker-image@0ff22c9835d745aefc41a99de6d526dc9e984105 # v2.2.0
with:
image_digest: ${{ steps.image_digest.outputs.digest }}
tags: ${{ steps.image_meta.outputs.image }}
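Review bot: The `# v2.2.0` comment on the new `sign-docker-image` pin is not checked by anything; only the SHA `0ff22c9835d745aefc41a99de6d526dc9e984105` decides what runs in the signing step. Confirm that this SHA is the commit the v2.2.0 tag points to. Since this step gains no new input here, it is worth saying in the commit message that the bump keeps the `scan-docker-image`, `sign-docker-image` and `sca` pins on one revision, so a reviewer knows the signing action's changes between v2.1.0 and v2.2.0 were looked at.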
3 changes: 2 additions & 1 deletion .github/workflows/build-test-distribute.yaml
Expand Up @@ -69,10 +69,11 @@ jobs:
- run: |
make check
- id: sca-project
uses: Kong/public-shared-actions/security-actions/sca@590c699fe824010d7d563a33cc60500d847d3f9e # v2.1.0
uses: Kong/public-shared-actions/security-actions/sca@0ff22c9835d745aefc41a99de6d526dc9e984105 # v2.2.0
with:
dir: .
config: .syft.yaml
upload-sbom-release-assets: true
- id: metadata
run: |
echo "images=$(make images/info/release/json)" >> $GITHUB_OUTPUT
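Review bot: The `sca-project` step turns on `upload-sbom-release-assets` with only `dir` and `config` set, whereas the image scan steps in `_build_publish.yaml` pass an `asset_prefix` (`image_${{ matrix.image }}-amd64` and `-arm64`). Check that the project SBOM gets a file name that cannot collide with, or be mistaken for, the per-image SBOMs attached to the same release; if the `sca` action accepts a prefix input, set one here. As with the image scans, the flag is a literal `true`, so confirm the action does nothing on runs that have no release or tag to attach to.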