Skip to content

Update pipeline.yml for archivista sandbox #10

Update pipeline.yml for archivista sandbox

Update pipeline.yml for archivista sandbox #10

Workflow file for this run

permissions:
id-token: write # This is required for requesting the JWT
contents: read # This is required for actions/checkout
name: pipeline
on:
push:
branches:
- 'main'
jobs:
build-image:
runs-on: ubuntu-latest
permissions:
packages: write
id-token: write # This is required for requesting the JWT
contents: read # This is required for actions/checkout
steps:
- name: Docker meta
id: meta
uses: docker/metadata-action@v5
with:
images: ghcr.io/${{ github.repository }}/swf
- name: Docker Login
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Setup Buildx
uses: docker/setup-buildx-action@v3
- name: Checkout Code
uses: actions/checkout@v4.1.1
- name: Build Image
shell: bash
run: |
docker buildx build -t ${{ steps.meta.outputs.tags }} --push .
- name: Generate SBOM
shell: bash
run: |
curl -sSfL https://raw.githubusercontent.com/anchore/syft/main/install.sh | sh -s -- -b /usr/local/bin
syft ${{ steps.meta.outputs.tags }} --source-name=pkg:oci/${{ github.repository }} -o cyclonedx-json --file sbom.cdx.json
- name: Upload SBOM
uses: actions/upload-artifact@v4.3.3
with:
name: sbom
path: sbom.cdx.json