Skip to content

Commit

Permalink
Update docker-build.yml
Browse files Browse the repository at this point in the history
  • Loading branch information
marcinguy authored Nov 14, 2024
1 parent 25be8ef commit 37b04d8
Showing 1 changed file with 12 additions and 0 deletions.
12 changes: 12 additions & 0 deletions .github/workflows/docker-build.yml
Original file line number Diff line number Diff line change
Expand Up @@ -75,6 +75,18 @@ jobs:
DOCKER_HUB_USERNAME: ${{ secrets.DOCKERHUB_USERNAME }}
DOCKER_HUB_PASSWORD: ${{ secrets.DOCKERHUB_TOKEN }}


# Install Grype
- name: Install Grype
run: |
curl -sSL https://github.com/anchore/grype/releases/download/v0.80.0/grype-linux-amd64-v0.80.0.tar.gz | tar -xz -C /usr/local/bin
# Generate SBOM with Grype
- name: Generate SBOM with Grype
run: |
grype sbom ${env.IMAGE_NAME}:${{ github.sha }} -o json > sbom.json

- name: Generate SBOM attestation
uses: actions/attest-sbom@v1
with:
Expand Down

0 comments on commit 37b04d8

Please sign in to comment.