-
Notifications
You must be signed in to change notification settings - Fork 1
37 lines (29 loc) · 1.08 KB
/
build.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
# Build the rock
name: Build
on:
workflow_call:
jobs:
build:
runs-on: ubuntu-22.04
steps:
- name: Checkout repository
uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4
- name: Get name
id: name
run: echo "name=$(yq '.name' rockcraft.yaml)" >> "$GITHUB_OUTPUT"
- uses: canonical/craft-actions/rockcraft-pack@main
id: rockcraft
- name: Install Syft
run: |
curl -sSfL https://raw.githubusercontent.com/anchore/syft/main/install.sh | sh -s -- -b /usr/local/bin
- name: Create SBOM
run: syft ${{ steps.rockcraft.outputs.rock }} -o spdx-json=${{ steps.name.outputs.name }}.sbom.json
- name: Upload SBOM
uses: actions/upload-artifact@604373da6381bf24206979c74d06a550515601b9 # v4
with:
name: ${{ steps.name.outputs.name }}-sbom
path: "${{ steps.name.outputs.name }}.sbom.json"
- uses: actions/upload-artifact@604373da6381bf24206979c74d06a550515601b9 # v4
with:
name: rock
path: ${{ steps.rockcraft.outputs.rock }}