sigs.k8s.io/kueue@v0.6.2/.github/workflows/sbom.yaml

sigs.k8s.io/kueue@v0.6.2/.github/workflows/sbom.yaml (about)

     1  on:
     2    workflow_dispatch:
     3      inputs:
     4        tag:
     5          type: string
     6          required: true
     7  
     8  permissions: {}
     9  
    10  jobs:
    11    test_bom_action:
    12      runs-on: ubuntu-latest
    13      permissions:
    14        contents: write
    15      name: Install bom and generate SBOM
    16      steps:
    17        - name: Set tag name
    18          shell: bash
    19          run: |
    20            TAG=${{ github.event.inputs.tag }}
    21            echo "TAG=$TAG" >> "$GITHUB_ENV"
    22        - name: Install bom
    23          uses: kubernetes-sigs/release-actions/setup-bom@v0.1.2
    24        - name: Checkout repository
    25          uses: actions/checkout@v4
    26        - name: Generate SBOM
    27          shell: bash
    28          run: |
    29            bom generate -o /tmp/kueue.spdx .
    30            cd /tmp
    31            tar zcf sbom.tar.gz *.spdx
    32        - name: Upload SBOM
    33          env:
    34            GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
    35          shell: bash
    36          run: |
    37            gh release upload $TAG /tmp/sbom.tar.gz