diff --git a/tasks/scanvulnerability.yaml b/tasks/scanvulnerability.yaml index 86ce591b..b1eb4773 100644 --- a/tasks/scanvulnerability.yaml +++ b/tasks/scanvulnerability.yaml @@ -4,9 +4,11 @@ tasks: description: Create a UDS package with configurable flavor and extract the SBOM from all created packages and analyze for vulnerabilities actions: - cmd: | - uds zarf package create . --flavor=upstream --confirm --no-progress -o sbom - for file in sbom/*.zst; do - uds zarf package inspect "$file" --sbom-out ./sbom --no-progress; + for flavor in upstream registry1; do + uds zarf package create . --flavor="$flavor" --confirm --no-progress -o sbom + for file in sbom/*.zst; do + uds zarf package inspect "$file" --sbom-out ./sbom --no-progress; + done done if ! command -v grype &> /dev/null; then echo "Grype could not be found, installing..." @@ -21,3 +23,4 @@ tasks: done ' sh {} + echo "All SBOM files processed and analyzed for vulnerabilities." +