Skip to content

Commit

Permalink
change output to filepath
Browse files Browse the repository at this point in the history
  • Loading branch information
Michael Long committed Mar 8, 2024
1 parent a820634 commit 696ed23
Show file tree
Hide file tree
Showing 8 changed files with 4 additions and 66 deletions.
4 changes: 2 additions & 2 deletions .github/workflows/archive.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -29,10 +29,10 @@ jobs:
output_inspector_scan_path: 'archive_scan.json'

- name: Demonstrate SBOM Output
run: cat archive_sbom.json
run: cat ${{ steps.inspector.outputs.artifact_sbom }}

- name: Demonstrate Inspector Scan Output
run: cat archive_scan.json
run: cat ${{ steps.inspector.outputs.inspector_scan_results }}

- name: Upload Inspector Scan Results
uses: actions/upload-artifact@v4
Expand Down
6 changes: 0 additions & 6 deletions .github/workflows/binary.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -28,12 +28,6 @@ jobs:
output_sbom_path: 'sbomgen_sbom.json'
output_inspector_scan_path: 'sbomgen_scan.json'

- name: Demonstrate SBOM Output
run: python3 scripts/decode_action_output.py ${{ steps.inspector.outputs.artifact_sbom }}

- name: Demonstrate Inspector Scan Output
run: python3 scripts/decode_action_output.py ${{ steps.inspector.outputs.inspector_scan_results }}

- name: Upload Inspector Scan Results
uses: actions/upload-artifact@v4
continue-on-error: true
Expand Down
6 changes: 0 additions & 6 deletions .github/workflows/container_remote.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -40,12 +40,6 @@ jobs:
output_sbom_path: 'alpine_sbom.json'
output_inspector_scan_path: 'alpine_scan.json'

- name: Demonstrate SBOM Output
run: python3 scripts/decode_action_output.py ${{ steps.inspector.outputs.artifact_sbom }}

- name: Demonstrate Inspector Scan Output
run: python3 scripts/decode_action_output.py ${{ steps.inspector.outputs.inspector_scan_results }}

- name: Upload Inspector Scan Results
uses: actions/upload-artifact@v4
continue-on-error: true
Expand Down
6 changes: 0 additions & 6 deletions .github/workflows/container_tarball.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -28,12 +28,6 @@ jobs:
output_sbom_path: 'tarball_sbom.json'
output_inspector_scan_path: 'tarball_scan.json'

- name: Demonstrate SBOM Output
run: python3 scripts/decode_action_output.py ${{ steps.inspector.outputs.artifact_sbom }}

- name: Demonstrate Inspector Scan Output
run: python3 scripts/decode_action_output.py ${{ steps.inspector.outputs.inspector_scan_results }}

- name: Upload Inspector Scan Results
uses: actions/upload-artifact@v4
continue-on-error: true
Expand Down
6 changes: 0 additions & 6 deletions .github/workflows/demo.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -28,12 +28,6 @@ jobs:
output_sbom_path: 'sbom.json'
output_inspector_scan_path: 'inspector_scan.json'

- name: Demonstrate SBOM Output
run: python3 scripts/decode_action_output.py ${{ steps.inspector.outputs.artifact_sbom }}

- name: Demonstrate Inspector Scan Output
run: python3 scripts/decode_action_output.py ${{ steps.inspector.outputs.inspector_scan_results }}

- name: Upload Inspector Scan Results
uses: actions/upload-artifact@v4
continue-on-error: true
Expand Down
6 changes: 0 additions & 6 deletions .github/workflows/docker_build.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -47,12 +47,6 @@ jobs:
output_sbom_path: 'debug_sbom.json'
output_inspector_scan_path: 'debug_scan.json'

- name: Demonstrate SBOM Output
run: python3 scripts/decode_action_output.py ${{ steps.inspector.outputs.artifact_sbom }}

- name: Demonstrate Inspector Scan Output
run: python3 scripts/decode_action_output.py ${{ steps.inspector.outputs.inspector_scan_results }}

- name: Upload Inspector Scan Results
uses: actions/upload-artifact@v4
continue-on-error: true
Expand Down
6 changes: 0 additions & 6 deletions .github/workflows/repository.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -28,12 +28,6 @@ jobs:
output_sbom_path: 'repo_sbom.json'
output_inspector_scan_path: 'repo_scan.json'

- name: Demonstrate SBOM Output
run: python3 scripts/decode_action_output.py ${{ steps.inspector.outputs.artifact_sbom }}

- name: Demonstrate Inspector Scan Output
run: python3 scripts/decode_action_output.py ${{ steps.inspector.outputs.inspector_scan_results }}

- name: Upload Inspector Scan Results
uses: actions/upload-artifact@v4
continue-on-error: true
Expand Down
30 changes: 2 additions & 28 deletions entrypoint/entrypoint/orchestrator.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -30,14 +30,6 @@ def set_github_output(key, value):
logging.info("skipping GitHub Actions outputs because we are not running in GitHub")
return 0

size_in_mb = (sys.getsizeof(value)) / (1024 * 1024)
if size_in_mb > 1:
s = f"unable to set output '{key}' because it is larger than GitHub's maximum allowed file size (1MB); actual size: {size_in_mb}"
logging.warning(s)
compressed_contents = zlib.compress(s.encode())
encoded = base64.b64encode(compressed_contents).decode()
value = encoded

cmd = f'echo {key}="{value}" >> $GITHUB_OUTPUT'
return os.system(cmd)

Expand Down Expand Up @@ -123,16 +115,7 @@ def invoke_sbomgen(args) -> int:
if ret != 0:
return ret

# encode and compress sbom so we can set
# contents as a GitHub Output, which has a 1MB limit
encoded_sbom = ""
try:
encoded_sbom = compress_encode_file(args.out_sbom)
except Exception as e:
logging.error(e)
return 1

ret = set_github_output("artifact_sbom", encoded_sbom)
ret = set_github_output("artifact_sbom", args.out_sbom)
if ret != 0:
logging.error("unable to set GitHub output for 'artifact_sbom'")
return ret
Expand All @@ -155,16 +138,7 @@ def invoke_inspector_scan(src_sbom, dst_scan):
if ret != 0:
return ret

# encode and compress sbom so we can set
# contents as a GitHub Output, which has a 1MB limit
encoded_scan = ""
try:
encoded_scan = compress_encode_file(dst_scan)
except Exception as e:
logging.error(e)
return 1

if set_github_output("inspector_scan_results", encoded_scan) != 0:
if set_github_output("inspector_scan_results", dst_scan) != 0:
logging.error("unable to set GitHub output for 'inspector_scan_results'")

return ret
Expand Down

0 comments on commit 696ed23

Please sign in to comment.