Skip to content

Commit

Permalink
Adds in merge tool
Browse files Browse the repository at this point in the history
  • Loading branch information
@vpetersson
vpetersson committed Jul 23, 2024
1 parent c284f9f commit 876afeb
Showing 1 changed file with 21 additions and 1 deletion.
22 changes: 21 additions & 1 deletion .github/workflows/phase_1_python.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -73,10 +73,30 @@ jobs:
steps:
- uses: actions/checkout@v4

# Should probably pin this dependency
- name: "Install sbommerge"
working-directory: "Phase 1/Python"
run: |
python -m pip install sbommerge
- name: Download all workflow run artifacts
uses: actions/download-artifact@v4

# TODO: Merge SBOMS
- name: "CycloneDX: Generate Merged SBOM"
working-directory: "Phase 1/Python"
run: |
sbommerge \
--format json \
--sbom cyclonedx \
-output-file flattened-cyclonedx.json \
container-sbom_cyclonedx.json \
application-sbom_cyclonedx.json
- name: Upload Combined CycloneDX SBOM
uses: actions/upload-artifact@v3
with:
name: application-sbom-cyclonedx
path: "Phase 1/Python/flattened-cyclonedx.json"

Validate:
needs: Assemble
Expand Down

0 comments on commit 876afeb

Please sign in to comment.