Add Trivy installation step to Gitea build workflow and update upload-artifact action to v3.2.1
All checks were successful
Go Build Multi-Platform / build (amd64, darwin) (push) Successful in 59s
Go Build Multi-Platform / build (amd64, freebsd) (push) Successful in 1m8s
Go Build Multi-Platform / build (amd64, windows) (push) Successful in 1m12s
Go Build Multi-Platform / build (amd64, linux) (push) Successful in 1m15s
Go Build Multi-Platform / build (arm64, windows) (push) Successful in 1m1s
Go Test Multi-Platform / Test (ubuntu-latest, arm64) (push) Successful in 52s
Go Test Multi-Platform / Test (ubuntu-latest, amd64) (push) Successful in 1m42s
Go Revive Lint / lint (push) Successful in 53s
Run Gosec / tests (push) Successful in 1m33s
Go Build Multi-Platform / build (arm, freebsd) (push) Successful in 9m33s
Go Build Multi-Platform / build (arm, linux) (push) Successful in 9m31s
Go Build Multi-Platform / build (arm, windows) (push) Successful in 9m33s
Go Build Multi-Platform / build (arm64, darwin) (push) Successful in 9m31s
Go Build Multi-Platform / build (arm64, freebsd) (push) Successful in 9m29s
Go Build Multi-Platform / build (arm64, linux) (push) Successful in 9m31s
Go Build Multi-Platform / Create Release (push) Has been skipped
All checks were successful
Go Build Multi-Platform / build (amd64, darwin) (push) Successful in 59s
Go Build Multi-Platform / build (amd64, freebsd) (push) Successful in 1m8s
Go Build Multi-Platform / build (amd64, windows) (push) Successful in 1m12s
Go Build Multi-Platform / build (amd64, linux) (push) Successful in 1m15s
Go Build Multi-Platform / build (arm64, windows) (push) Successful in 1m1s
Go Test Multi-Platform / Test (ubuntu-latest, arm64) (push) Successful in 52s
Go Test Multi-Platform / Test (ubuntu-latest, amd64) (push) Successful in 1m42s
Go Revive Lint / lint (push) Successful in 53s
Run Gosec / tests (push) Successful in 1m33s
Go Build Multi-Platform / build (arm, freebsd) (push) Successful in 9m33s
Go Build Multi-Platform / build (arm, linux) (push) Successful in 9m31s
Go Build Multi-Platform / build (arm, windows) (push) Successful in 9m33s
Go Build Multi-Platform / build (arm64, darwin) (push) Successful in 9m31s
Go Build Multi-Platform / build (arm64, freebsd) (push) Successful in 9m29s
Go Build Multi-Platform / build (arm64, linux) (push) Successful in 9m31s
Go Build Multi-Platform / Create Release (push) Has been skipped
This commit is contained in:
@@ -63,16 +63,17 @@ jobs:
|
|||||||
version: v1
|
version: v1
|
||||||
args: mod -licenses -json -output bom.json
|
args: mod -licenses -json -output bom.json
|
||||||
|
|
||||||
|
- name: Install Trivy
|
||||||
|
run: |
|
||||||
|
wget https://github.com/aquasecurity/trivy/releases/download/v0.68.2/trivy_0.68.2_Linux-64bit.deb
|
||||||
|
sudo dpkg -i trivy_0.68.2_Linux-64bit.deb
|
||||||
|
|
||||||
- name: Generate SPDX SBOM with Trivy
|
- name: Generate SPDX SBOM with Trivy
|
||||||
uses: https://git.quad4.io/actions/trivy-action@22438a435773de8c97dc0958cc0b823c45b064ac
|
run: |
|
||||||
with:
|
trivy fs --format spdx-json --output dependency-results.sbom.json .
|
||||||
scan-type: 'fs'
|
|
||||||
format: 'spdx-json'
|
|
||||||
output: 'dependency-results.sbom.json'
|
|
||||||
scan-ref: '.'
|
|
||||||
|
|
||||||
- name: Upload Artifact
|
- name: Upload Artifact
|
||||||
uses: https://git.quad4.io/actions/upload-artifact@672174a5bad8453f715436e010047cb8fa7680be # v3.2.0-node20
|
uses: https://git.quad4.io/actions/upload-artifact@ff15f0306b3f739f7b6fd43fb5d26cd321bd4de5 # v3.2.1
|
||||||
with:
|
with:
|
||||||
name: reticulum-go-${{ matrix.goos }}-${{ matrix.goarch }}
|
name: reticulum-go-${{ matrix.goos }}-${{ matrix.goarch }}
|
||||||
path: |
|
path: |
|
||||||
|
|||||||
Reference in New Issue
Block a user