From 4ed229c8745ab387c1dadf72b7e8b8f67e7baa49 Mon Sep 17 00:00:00 2001
From: Palassis <40472433+MxNxPx@users.noreply.github.com>
Date: Fri, 25 Oct 2024 11:21:54 -0400
Subject: [PATCH] feat: generate & add sbom to release assets (#233)
---
 .github/workflows/publish-bundle-rke2.yaml | 21 +++++++++++++++++----
 1 file changed, 17 insertions(+), 4 deletions(-)
diff --git a/.github/workflows/publish-bundle-rke2.yaml b/.github/workflows/publish-bundle-rke2.yaml
index d5c74c1e..fb81215e 100644
--- a/.github/workflows/publish-bundle-rke2.yaml
+++ b/.github/workflows/publish-bundle-rke2.yaml
@@ -2,9 +2,13 @@ name: Publish Zarf Package
 on:
 workflow_call:
+ inputs:
+ tag-name:
+ required: true
+ type: string
 permissions:
- contents: read
+ contents: write
 packages: write
 id-token: write
@@ -52,11 +56,20 @@ jobs:
 username: ${{ github.actor }}
 password: ${{ secrets.GITHUB_TOKEN }}
- ####
- # Build and publish bundle
- ####
 - name: Build and publish rke2 bundle
 run: |
 uds run create-bundle-rke2 --set EXTRA_ARGS="--no-progress"
+ uds inspect --sbom build/uds-bundle-software-factory-nutanix-rke2*.tar.zst
 uds publish build/uds-bundle-software-factory-nutanix-rke2-amd64-*.tar.zst oci://ghcr.io/defenseunicorns/uds-bundle --no-progress
+
+ - name: Upload SBOM to Release
+ id: upload-sbom-to-release
+ env:
+ GH_TOKEN: ${{ github.token }}
+ run: |
+ TAG_NAME="v${{ inputs.tag-name }}"
+ gh release upload "${TAG_NAME}" "$(find . -maxdepth 1 -type f -name "*-sboms.tar" -print0 | xargs -0 echo)"
+
+ - name: Cleanup
+ run: |
 uds run clean
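Review bot: `contents: write` is granted in the workflow-level `permissions:` block, so every job and step in this reusable workflow, including the steps that run the `uds` build tooling, now holds a token that can write repository contents and releases, alongside `packages: write` and `id-token: write`. Only the release upload needs that scope; consider keeping `contents: read` here and declaring `contents: write` on a dedicated job that receives the SBOM archive as an artifact and runs `gh release upload`. The `jobs:` section lies outside this hunk, so whether the workflow has one job or several is not visible from here. If the scope stays at workflow level, a comment such as `# contents: write is needed only for gh release upload of the SBOM archive` would record why it was widened.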
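Review bot: In the `Upload SBOM to Release` step, `${{ inputs.tag-name }}` is expanded into the script text before the shell runs, so a tag value containing quotes or a command substitution would be interpreted as shell in a step that holds `GH_TOKEN`; pass it through the environment instead, with `TAG: ${{ inputs.tag-name }}` under `env:` and `TAG_NAME="v${TAG}"` in the script. The value comes from the calling workflow, which is not shown, so how far it can be influenced from outside cannot be judged from this hunk. The upload argument is also fragile: the quoted `"$(find … | xargs -0 echo)"` collapses all matches into a single argument, so two `*-sboms.tar` files, or none, make the upload fail on a path that does not exist. `find . -maxdepth 1 -type f -name '*-sboms.tar' -exec gh release upload "${TAG_NAME}" {} +` passes each file as its own argument, and an explicit check that at least one archive exists would keep a missing SBOM from passing silently.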