Skip to content

Release 9.9.6

Release 9.9.6 #20

Workflow file for this run

name: Release SBOM Assets
on:
release:
types:
- created
jobs:
release:
name: Upload Release Asset
strategy:
fail-fast: false
matrix:
tag:
- 9-community
- 9-developer
- 9-enterprise
- 9-datacenter-app
- 9-datacenter-search
- 10-community
- 10-developer
- 10-enterprise
- 10-datacenter-app
- 10-datacenter-search
runs-on: ubuntu-latest
permissions:
contents: write
id-token: write
steps:
- id: secrets
uses: SonarSource/vault-action-wrapper@3.0.0
with:
secrets: |
development/kv/data/sign key | gpg_key;
development/kv/data/sign passphrase | gpg_passphrase;
- name: Generate CycloneDX SBOM
uses: SonarSource/gh-action_sbom@v1
with:
image: "sonarqube:${{ matrix.tag }}"
filename: "sonarqube-${{ matrix.tag }}-bom.json"
upload-artifact: true
upload-release-assets: true
env:
GPG_PRIVATE_KEY_PASSPHRASE: ${{ fromJSON(steps.secrets.outputs.vault).gpg_passphrase }}
GPG_PRIVATE_KEY_BASE64: ${{ fromJSON(steps.secrets.outputs.vault).gpg_key }}