From e492bb2e64119e137fcf249b6c9debe6898c24ea Mon Sep 17 00:00:00 2001
From: Max Ustinov <maksimu@users.noreply.github.com>
Date: Thu, 2 Jan 2025 13:05:40 -0800
Subject: [PATCH] - fixing SBOM publishing for Java

---
 .github/workflows/reusable.sbom.workflow.yml | 20 ++++++++++++++++++++
 1 file changed, 20 insertions(+)

diff --git a/.github/workflows/reusable.sbom.workflow.yml b/.github/workflows/reusable.sbom.workflow.yml
index 91288c23..0d3ded5c 100644
--- a/.github/workflows/reusable.sbom.workflow.yml
+++ b/.github/workflows/reusable.sbom.workflow.yml
@@ -274,6 +274,26 @@ jobs:
           
           echo "version=${VERSION}" >> "$GITHUB_OUTPUT"
 
+      - name: Debug Java dependencies
+        if: inputs.project-type == 'java'
+        working-directory: ${{ inputs.working-directory }}
+        run: |
+          echo "Gradle Home: $GRADLE_USER_HOME"
+          echo "Project structure:"
+          find . -type f -name "*.jar" || true
+          echo "Gradle cache structure:"
+          find "${GRADLE_USER_HOME}/caches" -type f -name "*.jar" || true
+          echo "Runtime classpath:"
+          ./gradlew -q printRuntimeClasspath
+
+      - name: Verify Syft Java scanning
+        if: inputs.project-type == 'java'
+        working-directory: ${{ inputs.working-directory }}
+        run: |
+          syft --version
+          echo "Testing direct Syft scan:"
+          syft packages . -vv || true
+
       - name: Generate and publish SBOM
         env:
           PROJECT_VERSION: ${{ inputs.project-version != '' && inputs.project-version || steps.detect-version.outputs.version }}