Skip to content

Commit 0aa5157

Browse files
EricWittmannEricWittmann
committed
Update release sbom workflow
1 parent 50ce328 commit 0aa5157

File tree

1 file changed

+17
-4
lines changed

1 file changed

+17
-4
lines changed

.github/workflows/release-sboms.yaml

+17-4
Original file line numberDiff line numberDiff line change
@@ -42,32 +42,45 @@ jobs:
4242
git config --global user.name "apicurio-ci"
4343
git config --global user.email "apicurio.ci@gmail.com"
4444
git clone --branch main --single-branch https://apicurio-ci:${{ secrets.ACCESS_TOKEN }}@github.com/Apicurio/apicurio-sboms.git sboms
45+
cd sboms
46+
echo "SBOM_OUTPUT_DIR=$(pwd)/apicurio-registry/$RELEASE_VERSION" >> $GITHUB_ENV
47+
echo "Generating SBOMs into: $SBOM_OUTPUT_DIR"
4548
4649
- name: Set up JDK 17
4750
uses: actions/setup-java@v3
4851
with:
4952
java-version: '17'
5053
distribution: 'temurin'
5154

55+
- name: Set up Node
56+
uses: actions/setup-node@v3
57+
with:
58+
node-version: 20
59+
cache: 'npm'
60+
cache-dependency-path: 'ui/**/package-lock.json'
61+
5262
- name: Maven Install
5363
run: |
5464
cd registry
5565
mvn install -Pprod -DskipTests -Dspotless.check.skip=true
5666
5767
- name: Generate Maven SBOMs
5868
run: |
59-
mkdir -p sboms/apicurio-registry/$RELEASE_VERSION
69+
mkdir -p $SBOM_OUTPUT_DIR
6070
cd registry
61-
mvn -f app/pom.xml dependency:tree -DoutputType=dot -Dscope=runtime -DoutputFile=../sboms/apicurio-registry/$RELEASE_VERSION/apicurio-registry-app-$RELEASE_VERSION.runtime.sbom.dot
71+
echo "Generating Maven SBOM output to: $SBOM_OUTPUT_DIR/apicurio-registry-app-$RELEASE_VERSION.runtime.sbom.dot"
72+
mvn -f app/pom.xml dependency:tree -DoutputType=dot -Dscope=runtime -DoutputFile=$SBOM_OUTPUT_DIR/apicurio-registry-app-$RELEASE_VERSION.runtime.sbom.dot
6273
6374
- name: Generate npm SBOMs
6475
run: |
6576
cd registry/ui
6677
npm install
6778
cd ui-app
68-
npm list -prod -depth 10 --json > ../../../sboms/apicurio-registry/$RELEASE_VERSION/apicurio-registry-ui-app-$RELEASE_VERSION.sbom.npm
79+
echo "Generating npm SBOM output to: $SBOM_OUTPUT_DIR/apicurio-registry-ui-app-$RELEASE_VERSION.sbom.npm"
80+
npm list -prod -depth 10 --json > $SBOM_OUTPUT_DIR/apicurio-registry-ui-app-$RELEASE_VERSION.sbom.npm
6981
cd ../ui-docs
70-
npm list -prod -depth 10 --json > ../../../sboms/apicurio-registry/$RELEASE_VERSION/apicurio-registry-ui-docs-$RELEASE_VERSION.sbom.npm
82+
echo "Generating npm SBOM output to: $SBOM_OUTPUT_DIR/apicurio-registry-ui-docs-$RELEASE_VERSION.sbom.npm"
83+
npm list -prod -depth 10 --json > $SBOM_OUTPUT_DIR/apicurio-registry-ui-docs-$RELEASE_VERSION.sbom.npm
7184
7285
- name: Commit SBOMs to Repo
7386
run: |

0 commit comments

Comments
 (0)