Skip to content

Commit

Permalink
ci: test sbom
Browse files Browse the repository at this point in the history 
Signed-off-by: r3drun3 <simone.ragonesi@sighup.io>
  • Loading branch information
@R3DRUN3
R3DRUN3 committed Jan 15, 2024
1 parent deb1334 commit f07c715
Showing 1 changed file with 4 additions and 0 deletions.
4 changes: 4 additions & 0 deletions .github/workflows/patch.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -76,6 +76,10 @@ jobs:
id: push
if: steps.login.conclusion == 'success'
run: |
image_name="${{ steps.copa.outputs.patched-image }}"
sbom_file="${image_name}-SBOM.json"
docker sbom --format spdx-json --output "${sbom_file}" "${image_name}"
docker push ghcr.io/r3drun3/immunize/${ sbom_file }
docker push ghcr.io/r3drun3/immunize/${{ steps.copa.outputs.patched-image }}
- name: Sign image with Cosign
Expand Down

0 comments on commit f07c715

Please sign in to comment.