From f523bc9e259e4e6808b4167151ee75720e226c1a Mon Sep 17 00:00:00 2001
From: naveensrinivasan <172697+naveensrinivasan@users.noreply.github.com>
Date: Sun, 31 Mar 2024 10:55:27 -0500
Subject: [PATCH] included for registry1 and upstream
Signed-off-by: naveensrinivasan <172697+naveensrinivasan@users.noreply.github.com>
---
 tasks/scanvulnerability.yaml | 9 ++++++---
 1 file changed, 6 insertions(+), 3 deletions(-)
diff --git a/tasks/scanvulnerability.yaml b/tasks/scanvulnerability.yaml
index 86ce591b..b1eb4773 100644
--- a/tasks/scanvulnerability.yaml
+++ b/tasks/scanvulnerability.yaml
@@ -4,9 +4,11 @@ tasks:
 description: Create a UDS package with configurable flavor and extract the SBOM from all created packages and analyze for vulnerabilities
 actions:
 - cmd: |
- uds zarf package create . --flavor=upstream --confirm --no-progress -o sbom
- for file in sbom/*.zst; do
- uds zarf package inspect "$file" --sbom-out ./sbom --no-progress;
+ for flavor in upstream registry1; do
+ uds zarf package create . --flavor="$flavor" --confirm --no-progress -o sbom
+ for file in sbom/*.zst; do
+ uds zarf package inspect "$file" --sbom-out ./sbom --no-progress;
+ done
 done
 if ! command -v grype &> /dev/null; then
 echo "Grype could not be found, installing..."
@@ -21,3 +23,4 @@ tasks:
 done
 ' sh {} +
 echo "All SBOM files processed and analyzed for vulnerabilities."
+
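Review bot: Both flavors are built into and inspected out of the same `sbom` directory, so on the registry1 pass the inner `for file in sbom/*.zst` glob also re-inspects whatever the upstream pass left behind, and both passes write to the same `--sbom-out ./sbom`. If the two flavors produce identically named package archives or SBOM files (not determinable from this hunk), the second pass overwrites the first and one flavor's components never reach grype, while the task still prints its success message. Keeping the outputs apart per flavor avoids that: `-o "sbom/$flavor"` on the create line, `for file in "sbom/$flavor"/*.zst; do` for the inner loop, and `--sbom-out "./sbom/$flavor"` on the inspect line. The `cmd` block continues past the hunk and the scan step is only partly visible, so confirm it descends into the per-flavor subdirectories.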