Skip to content

chore: add dependabot config file to update actions #118

chore: add dependabot config file to update actions

chore: add dependabot config file to update actions #118

Workflow file for this run

name: Generate and ingest SBOM into sbom.eclipse.org
on:
push:
branches: [main]
workflow_dispatch:
inputs:
version:
description: 'Version'
default: 'main'
required: true
permissions:
contents: read
jobs:
generate-sbom:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
with:
ref: ${{ github.event.inputs.version }}
- uses: actions/setup-python@0a5c61591373683505ea898e09a3ea4f39ef2b9c # v5.0.0
with:
python-version: '3.12'
- name: Install cyclonedx-py
run: pipx install cyclonedx-bom
- name: Generate sbom
run: cyclonedx-py poetry --with main,app -o otterdog-bom.json
- name: Upload sbom
uses: actions/upload-artifact@834a144ee995460fba8ed112a2fc961b36a5ec5a # v4.3.6
with:
name: otterdog-bom.json
path: otterdog-bom.json
upload-sbom:
runs-on: ubuntu-latest
needs: [ 'generate-sbom' ]
steps:
- uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8
with:
name: otterdog-bom.json
- name: Extract version
id: version
run: |
VERSION="$(jq -r '.metadata.component.version' < otterdog-bom.json)"
echo "version=$(echo ${VERSION})" >> $GITHUB_OUTPUT
- uses: DependencyTrack/gh-upload-sbom@1f0526714a54aeb1cdf780889cf1e917c477d775 # v3.0.0
with:
serverHostname: 'sbom.eclipse.org'
apiKey: ${{ secrets.DEPENDENCY_TRACK_API_KEY }}
projectName: 'otterdog'
projectVersion: ${{ steps.version.outputs.version }}
bomFilename: "otterdog-bom.json"
parentName: 'otterdog'
parentVersion: 'parent'
autoCreate: true