Skip to content

Commit

Permalink
- fixing SBOM publishing for Java
Browse files Browse the repository at this point in the history
  • Loading branch information
@maksimu
maksimu committed Jan 2, 2025
1 parent e9502fa commit ee898dd
Showing 1 changed file with 16 additions and 0 deletions.
16 changes: 16 additions & 0 deletions .github/workflows/reusable.sbom.workflow.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -300,6 +300,22 @@ jobs:
ls -la $GRADLE_USER_HOME/caches || true
fi
- name: Debug Syft scanning
if: inputs.project-type == 'java'
working-directory: ${{ inputs.working-directory }}
run: |
echo "Syft version:"
syft version
echo "Scanning Gradle cache:"
find ~/.gradle/caches/modules-2 -type f -name "*.jar" | while read -r jar; do
echo "Found JAR: $jar"
syft packages "$jar" 2>/dev/null || true
done
echo "Full project scan with verbose output:"
SYFT_LOG_LEVEL=debug syft packages . -o json | tee syft-scan.json
- name: Verify Syft Java scanning
if: inputs.project-type == 'java'
working-directory: ${{ inputs.working-directory }}
Expand Down

0 comments on commit ee898dd

Please sign in to comment.