name: sbom
on:
push:
branches:
- main
jobs:
gen:
name: Generate and Upload SBOM
runs-on: ubuntu-latest
steps:
- name: Checkout repository
uses: actions/checkout@v4
- name: Setup toolchain
uses: actions-rust-lang/setup-rust-toolchain@v1
- name: Setup cyclondx
uses: taiki-e/cache-cargo-install-action@v2
with:
tool: cargo-cyclonedx
- name: Generate SBOM
run: cargo cyclonedx --all --all-features -f json --override-filename sbom-${{ github.sha }}
- name: Archive SBOM
uses: actions/upload-artifact@v4
with:
name: sbom
path: sbom-${{ github.sha }}.json
- name: Upload SBOM
uses: DependencyTrack/gh-upload-sbom@v3
with:
serverHostname: 'back.vulns.gronner.dev'
apiKey: ${{ secrets.DEPENDENCYTRACK_APIKEY }}
project: '0ecb8862-d13a-4c3b-8699-9e31a0cb93c7'
bomFilename: sbom-${{ github.sha }}.json