diff --git a/components/producers/cdxgen/task.yaml b/components/producers/cdxgen/task.yaml index 0f530f847..0ec47cca6 100644 --- a/components/producers/cdxgen/task.yaml +++ b/components/producers/cdxgen/task.yaml @@ -13,6 +13,15 @@ spec: - name: producer-cdxgen-fetch-license type: string default: "false" + - name: producer-cdxgen-github-token + type: string + default: "" + - name: cdxgen-astgen-ignore-file-pattern + type: string + default: "" + - name: cdxgen-astgen-ignore-dirs + type: string + default: "" volumes: - name: scratch emptyDir: {} @@ -24,10 +33,17 @@ spec: image: ghcr.io/cyclonedx/cdxgen:v9.8.10 env: - name: FETCH_LICENSE - value: $(params.cdxgen-fetch-license) + value: $(params.producer-cdxgen-fetch-license) + - name: GITHUB_TOKEN + value: $(params.producer-cdxgen-github-token) + - name: ASTGEN_IGNORE_FILE_PATTERN + value: $(params.producer-cdxgen-astgen-ignore-file-pattern) + - name: ASTGEN_IGNORE_DIRS + value: $(params.producer-cdxgen-astgen-ignore-dirs) command: ["node", "/opt/cdxgen/bin/cdxgen.js"] args: - - "$(params.producer-docker-trivy-flags[*])" + - "$(params.producer-cdxgen-flags[*])" + - --spec-version 1.4 - -r - -p - -o diff --git a/third_party/docker/CycloneDX/cdxgen/BUILD b/third_party/docker/CycloneDX/cdxgen/BUILD new file mode 100644 index 000000000..25d90736a --- /dev/null +++ b/third_party/docker/CycloneDX/cdxgen/BUILD @@ -0,0 +1,8 @@ +subinclude("//build/defs:buildkit") + +buildkit_image_mirror( + name = "cdxgen", + digest = "sha256:736787f469d6a212dfc6e33f7e2da05513fec64607080e02e510348fff5fbafb", + repo = "ghcr.io/cyclonedx/cdxgen", + tags = ["v9.8.10"], +)