Release 10.3.0 #11

	name: Release SBOM Assets

	on:
	release:
	types:
	- created

	jobs:
	release:
	name: Upload Release Asset
	strategy:
	fail-fast: false
	matrix:
	tag:
	- 9-community
	- 9-developer
	- 9-enterprise
	- 9-datacenter-app
	- 9-datacenter-search
	- 10-community
	- 10-developer
	- 10-enterprise
	- 10-datacenter-app
	- 10-datacenter-search
	runs-on: ubuntu-latest
	permissions:
	contents: write
	id-token: write
	steps:
	- id: secrets
	uses: SonarSource/vault-action-wrapper@2.4.3-1
	with:
	secrets: \|
	development/kv/data/sign key \| gpg_key;
	development/kv/data/sign passphrase \| gpg_passphrase;
	- name: Generate CycloneDX SBOM
	uses: SonarSource/gh-action_sbom@v1
	with:
	image: "sonarqube:${{ matrix.tag }}"
	filename: "sonarqube-${{ matrix.tag }}-bom.json"
	upload-artifact: true
	upload-release-assets: true
	env:
	GPG_PRIVATE_KEY_PASSPHRASE: ${{ fromJSON(steps.secrets.outputs.vault).gpg_passphrase }}
	GPG_PRIVATE_KEY_BASE64: ${{ fromJSON(steps.secrets.outputs.vault).gpg_key }}

Provide feedback