Comments out wip

CISA-SBOM-Community · Oct 1, 2024 · 0bb68a6 · 0bb68a6
1 parent 19d3643
commit 0bb68a6
Showing 1 changed file with 13 additions and 13 deletions.
diff --git a/.github/workflows/phase_1_python.yml b/.github/workflows/phase_1_python.yml
@@ -221,28 +221,28 @@ jobs:
       - name: Build top-level CDX SBOM
         run: |
           # Create destination folder
-          mkdir /tmp/output
+          #mkdir /tmp/output
 
           # Define metadata for parent template
-          export TOP_LEVEL_UUID=$(uuidgen)
-          export APPLICATION_SBOM_SHA256=$(sha256sum enriched-sboms/enriched_application-sbom.cdx.json | awk {'print $1'})
-          export CONTAINER_SBOM_SHA256=$(sha256sum enriched-sboms/enriched_container-sbom.cdx.json | awk {'print $1'})
-          export CREATION_TIMESTAMP=$(date -u +"%Y-%m-%dT%H:%M:%S%z")
-          export CONTAINER_BOM_REF=$(jq -r '.metadata.component["bom-ref"]' enriched-sboms/enriched_container-sbom.cdx.json)
-          export APPLICATION_BOM_REF=$(jq -r '.metadata.component["bom-ref"]' enriched-sboms/enriched_application-sbom.cdx.json)
+          #export TOP_LEVEL_UUID=$(uuidgen)
+          #export APPLICATION_SBOM_SHA256=$(sha256sum enriched-sboms/enriched_application-sbom.cdx.json | awk {'print $1'})
+          #export CONTAINER_SBOM_SHA256=$(sha256sum enriched-sboms/enriched_container-sbom.cdx.json | awk {'print $1'})
+          #export CREATION_TIMESTAMP=$(date -u +"%Y-%m-%dT%H:%M:%S%z")
+          #export CONTAINER_BOM_REF=$(jq -r '.metadata.component["bom-ref"]' enriched-sboms/enriched_container-sbom.cdx.json)
+          #export APPLICATION_BOM_REF=$(jq -r '.metadata.component["bom-ref"]' enriched-sboms/enriched_application-sbom.cdx.json)
 
           # We're using `envsubst` here to populate the metadata
           # template from environment variables
-          cat "phase_1/Python/sbom/top-level.cdx.json.tmpl" | jq | \
-            envsubst > top-level-sbom.cdx.json.tmp
+          #cat "phase_1/Python/sbom/top-level.cdx.json.tmpl" | jq | \
+          #  envsubst > top-level-sbom.cdx.json.tmp
 
           # Set GITHUB_RUN_NUMBER as the version of the SBOM
-          jq '.version = (env.GITHUB_RUN_NUMBER | tonumber)' \
-            top-level-sbom.cdx.json.tmp  \
-            > /tmp/output/top-level-sbom.cdx.json
+          #jq '.version = (env.GITHUB_RUN_NUMBER | tonumber)' \
+          #  top-level-sbom.cdx.json.tmp  \
+          #  > /tmp/output/top-level-sbom.cdx.json
 
           # Copy in enriched SBOMs
-          cp enriched-sboms/enriched_*-sbom.cdx.json /tmp/output/
+          #cp enriched-sboms/enriched_*-sbom.cdx.json /tmp/output/
 
       - name: Upload Top Level SBOMs
         uses: actions/upload-artifact@v4