golang/gogitlabber
golang/gogitlabber
3
0
Fork 0
Code Issues 1 Pull requests Releases 1 Activity

fix(ci): generate sbom after release

Browse source
This commit is contained in:
Simon Cornet 2025-04-24 09:55:49 +02:00
commit 8a0081ad1e
1 changed files with 6 additions and 6 deletions
Download patch file Download diff file Expand all files Collapse all files

12
.github/workflows/release.yml vendored
View file

@ -28,12 +28,6 @@ jobs:
- name: "install syft" - name: "install syft"
uses: "anchore/sbom-action/download-syft@v0" uses: "anchore/sbom-action/download-syft@v0"
# generate sbom
- name: "generate sbom"
run: |
syft . -o spdx-json=sbom.spdx.json
syft . -o cyclonedx-json=sbom.cyclonedx.json
# run goreleaser # run goreleaser
- name: "run goreleaser" - name: "run goreleaser"
uses: "goreleaser/goreleaser-action@v6" uses: "goreleaser/goreleaser-action@v6"
@ -43,6 +37,12 @@ jobs:
env: env:
GITHUB_TOKEN: ${{ secrets.GORELEASER_GITHUB_TOKEN }} GITHUB_TOKEN: ${{ secrets.GORELEASER_GITHUB_TOKEN }}
# generate sbom
- name: "generate sbom"
run: |
syft go.mod -o spdx-json=sbom.spdx.json
syft go.mod -o cyclonedx-json=sbom.cyclonedx.json
# upload sbom to release # upload sbom to release
- name: "upload sbom to release" - name: "upload sbom to release"
uses: "softprops/action-gh-release@v1" uses: "softprops/action-gh-release@v1"