binary.yml

on: [push]

jobs:
  inspector:
    runs-on: ubuntu-latest
    name: "Binary Scan"
    environment:
      name: plugin-development
    steps:
      # To use this repository's private action,
      # you must check out the repository
      - name: Checkout
        uses: actions/checkout@v4

      - name: Configure AWS credentials
        uses: aws-actions/configure-aws-credentials@v4
        with:
          aws-region: ${{ secrets.AWS_REGION }}
          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
          aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}

      - name: Scan artifact with Inspector
        uses: ./ # Uses an action in the root directory
        id: inspector
        with:
          artifact_type: 'binary'
          artifact_path: 'testData/inspector-sbomgen'
          output_sbom_path: 'sbomgen_sbom.json'
          output_inspector_scan_path: 'sbomgen_scan.json'

      - name: Demonstrate SBOM Output
        run: python3 scripts/decode_action_output.py ${{ steps.inspector.outputs.artifact_sbom }}

      - name: Demonstrate Inspector Scan Output
        run: python3 scripts/decode_action_output.py ${{ steps.inspector.outputs.inspector_scan_results }}

      - name: Upload Inspector Scan Results
        uses: actions/upload-artifact@v4
        continue-on-error: true
        with:
          name: Inspector Scan SBOM Results
          path: |
            sbomgen_sbom.json
            sbomgen_scan.json