Add Trivy installation step to Gitea build workflow and update upload-artifact action to v3.2.1
All checks were successful
Go Build Multi-Platform / build (amd64, darwin) (push) Successful in 59s
Go Build Multi-Platform / build (amd64, freebsd) (push) Successful in 1m8s
Go Build Multi-Platform / build (amd64, windows) (push) Successful in 1m12s
Go Build Multi-Platform / build (amd64, linux) (push) Successful in 1m15s
Go Build Multi-Platform / build (arm64, windows) (push) Successful in 1m1s
Go Test Multi-Platform / Test (ubuntu-latest, arm64) (push) Successful in 52s
Go Test Multi-Platform / Test (ubuntu-latest, amd64) (push) Successful in 1m42s
Go Revive Lint / lint (push) Successful in 53s
Run Gosec / tests (push) Successful in 1m33s
Go Build Multi-Platform / build (arm, freebsd) (push) Successful in 9m33s
Go Build Multi-Platform / build (arm, linux) (push) Successful in 9m31s
Go Build Multi-Platform / build (arm, windows) (push) Successful in 9m33s
Go Build Multi-Platform / build (arm64, darwin) (push) Successful in 9m31s
Go Build Multi-Platform / build (arm64, freebsd) (push) Successful in 9m29s
Go Build Multi-Platform / build (arm64, linux) (push) Successful in 9m31s
Go Build Multi-Platform / Create Release (push) Has been skipped
All checks were successful
Go Build Multi-Platform / build (amd64, darwin) (push) Successful in 59s
Go Build Multi-Platform / build (amd64, freebsd) (push) Successful in 1m8s
Go Build Multi-Platform / build (amd64, windows) (push) Successful in 1m12s
Go Build Multi-Platform / build (amd64, linux) (push) Successful in 1m15s
Go Build Multi-Platform / build (arm64, windows) (push) Successful in 1m1s
Go Test Multi-Platform / Test (ubuntu-latest, arm64) (push) Successful in 52s
Go Test Multi-Platform / Test (ubuntu-latest, amd64) (push) Successful in 1m42s
Go Revive Lint / lint (push) Successful in 53s
Run Gosec / tests (push) Successful in 1m33s
Go Build Multi-Platform / build (arm, freebsd) (push) Successful in 9m33s
Go Build Multi-Platform / build (arm, linux) (push) Successful in 9m31s
Go Build Multi-Platform / build (arm, windows) (push) Successful in 9m33s
Go Build Multi-Platform / build (arm64, darwin) (push) Successful in 9m31s
Go Build Multi-Platform / build (arm64, freebsd) (push) Successful in 9m29s
Go Build Multi-Platform / build (arm64, linux) (push) Successful in 9m31s
Go Build Multi-Platform / Create Release (push) Has been skipped
This commit is contained in:
@@ -63,16 +63,17 @@ jobs:
|
||||
version: v1
|
||||
args: mod -licenses -json -output bom.json
|
||||
|
||||
- name: Install Trivy
|
||||
run: |
|
||||
wget https://github.com/aquasecurity/trivy/releases/download/v0.68.2/trivy_0.68.2_Linux-64bit.deb
|
||||
sudo dpkg -i trivy_0.68.2_Linux-64bit.deb
|
||||
|
||||
- name: Generate SPDX SBOM with Trivy
|
||||
uses: https://git.quad4.io/actions/trivy-action@22438a435773de8c97dc0958cc0b823c45b064ac
|
||||
with:
|
||||
scan-type: 'fs'
|
||||
format: 'spdx-json'
|
||||
output: 'dependency-results.sbom.json'
|
||||
scan-ref: '.'
|
||||
run: |
|
||||
trivy fs --format spdx-json --output dependency-results.sbom.json .
|
||||
|
||||
- name: Upload Artifact
|
||||
uses: https://git.quad4.io/actions/upload-artifact@672174a5bad8453f715436e010047cb8fa7680be # v3.2.0-node20
|
||||
uses: https://git.quad4.io/actions/upload-artifact@ff15f0306b3f739f7b6fd43fb5d26cd321bd4de5 # v3.2.1
|
||||
with:
|
||||
name: reticulum-go-${{ matrix.goos }}-${{ matrix.goarch }}
|
||||
path: |
|
||||
|
||||
Reference in New Issue
Block a user