Skip to content

Attach sbom to container image #272

Attach sbom to container image

Attach sbom to container image #272

name: Python atom tests
on:
workflow_dispatch:
pull_request:
jobs:
build:
runs-on: ubuntu-latest
strategy:
matrix:
node-version: ['21.x']
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0
- uses: coursier/cache-action@v6
- name: Set up JDK
uses: actions/setup-java@v3
with:
distribution: 'temurin'
java-version: '19'
- name: npm install, build and test
run: |
npm install
npm run build --if-present
mkdir -p repotests
mkdir -p bomresults
env:
CI: true
- uses: actions/checkout@v4
with:
repository: 'scipy/scipy'
path: 'repotests/scipy'
- uses: actions/checkout@v4
with:
repository: 'psf/black'
path: 'repotests/black'
- uses: actions/checkout@v4
with:
repository: 'psf/pyperf'
path: 'repotests/pyperf'
- uses: actions/checkout@v4
with:
repository: 'psf/cachecontrol'
path: 'repotests/cachecontrol'
- uses: actions/checkout@v4
with:
repository: 'pallets/flask'
path: 'repotests/flask'
- uses: actions/checkout@v4
with:
repository: 'pallets/click'
path: 'repotests/click'
- uses: actions/checkout@v4
with:
repository: 'pallets/jinja'
path: 'repotests/jinja'
- uses: actions/checkout@v4
with:
repository: 'pypa/bandersnatch'
path: 'repotests/bandersnatch'
- name: repotests
run: |
bin/cdxgen.js -p -r -t python repotests/scipy -o bomresults/bom-scipy.json --validate
bin/cdxgen.js -p -r -t python repotests/black -o bomresults/bom-black.json --validate
bin/cdxgen.js -p -r -t python repotests/pyperf -o bomresults/bom-pyperf.json --validate
bin/cdxgen.js -p -r -t python repotests/cachecontrol -o bomresults/bom-cachecontrol.json --validate
bin/cdxgen.js -p -r -t python repotests/flask -o bomresults/bom-flask.json --validate
bin/cdxgen.js -r -t python repotests/click -o bomresults/bom-click.json --validate
bin/cdxgen.js -p -r -t python repotests/jinja -o bomresults/bom-jinja.json --validate
bin/cdxgen.js -r -t python repotests/bandersnatch -o bomresults/bom-bandersnatch.json --validate
bin/cdxgen.js --no-install-deps -p -r -t python repotests/scipy -o bomresults/bom-scipy.json --validate
bin/cdxgen.js --no-install-deps -p -r -t python repotests/black -o bomresults/bom-black.json --validate
bin/cdxgen.js --no-install-deps -p -r -t python repotests/pyperf -o bomresults/bom-pyperf.json --validate
bin/cdxgen.js --no-install-deps -p -r -t python repotests/cachecontrol -o bomresults/bom-cachecontrol.json --validate
bin/cdxgen.js --no-install-deps -p -r -t python repotests/flask -o bomresults/bom-flask.json --validate
bin/cdxgen.js --no-install-deps -r -t python repotests/click -o bomresults/bom-click.json --validate
bin/cdxgen.js --no-install-deps -p -r -t python repotests/jinja -o bomresults/bom-jinja.json --validate
bin/cdxgen.js --no-install-deps -r -t python repotests/bandersnatch -o bomresults/bom-bandersnatch.json --validate
# virtualenv tests
python -m venv venv
source venv/bin/activate
pip install -r repotests/bandersnatch/requirements.txt
pip install -r repotests/bandersnatch/requirements_s3.txt
pip install -r repotests/bandersnatch/requirements_swift.txt
pip install -r repotests/bandersnatch/requirements_test.txt
pip install -r repotests/bandersnatch/requirements_docs.txt
bin/cdxgen.js --no-install-deps -r -t python repotests/bandersnatch -o bomresults/bom-bandersnatch.json --validate
rm -rf venv
env:
CDXGEN_DEBUG_MODE: debug