Skip to content
CI-WORKFLOW

Add generating cyclonedx SBOM to github actions CI workflow #39

Sign in to view logs

Add generating cyclonedx SBOM to github actions CI workflow

Add generating cyclonedx SBOM to github actions CI workflow #39

Workflow file for this run

.github/workflows/ci.yml at 88cc4fa
name: CI-WORKFLOW
on:
push:
branches:
- master
pull_request:
branches:
- master
permissions:
contents: read
env:
ACCOUNT_ID: ${{ secrets.ACCOUNT_ID }}
API_KEY: ${{ secrets.API_KEY }}
jobs:
run-cyclonedx:
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Log in to the github container registry
uses: docker/login-action@65b78e6e13532edd9afa3aa52ac7964289d1a9c1
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Generate CycloneDX SBOM
run: |
docker pull ghcr.io/cyclonedx/cdxgen-python:v11
docker run --rm -e FETCH_LICENSE=true -v /tmp:/tmp -v $(pwd):/app:rw -t ghcr.io/cyclonedx/cdxgen-python310:v11 -r /app -o /app/sift-bom.json -t python --profile license-compliance
build-and-test-python3:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Set up Python 3.10
uses: actions/setup-python@v3
with:
python-version: "3.10.14"
- name: Install the library
run: |
pip install -e .
- name: Run linters
run: |
pip install -U pre-commit
pre-commit run -v --all-files
- name: Run tests
run: |
python -m unittest discover
run-integration-tests-python3:
runs-on: ubuntu-latest
if: ${{ github.ref == 'refs/heads/master' }}
steps:
- uses: actions/checkout@v4
- name: Set up Python 3.10
uses: actions/setup-python@v3
with:
python-version: "3.10.14"
- name: Run integration tests
run: |
pip install .
python test_integration_app/main.py