Generate Sbomqs Score #5
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Generate Sbomqs Score | |
| run-name: Generate Sbomqs Score | |
| on: | |
| workflow_dispatch: | |
| workflow_call: | |
| jobs: | |
| sbomqs-score: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| ref: ${{ github.ref }} | |
| - name: Install sbomqs | |
| run: | | |
| mkdir -p /opt/sbomqs | |
| curl -L -o /opt/sbomqs/sbomqs.deb https://github.com/interlynk-io/sbomqs/releases/download/v0.2.0/sbomqs_0.2.0_amd64.deb | |
| sudo dpkg -i /opt/sbomqs/sbomqs.deb | |
| # This takes all .json files in the repository and runs them through sbomqs, as for now we only have boms as .json. | |
| - name: Run sbomqs score | |
| run: | | |
| INCLUDE_DIRS=("example-0.1.0" "keycloak-25.0.4" "keycloak-cli-25.0.2" "openssl-1.1.1i" "openssl-3.0.6" "ae-artifact-analysis-0.135.0" "ae-core-0.135.0" "ae-dita-0.29.0") | |
| for dir in "${INCLUDE_DIRS[@]}"; do | |
| find "./$dir" -type f -name "*.json" | while read json_file; do | |
| output_file="${json_file%.json}.sbomqs.txt" | |
| sbomqs score "$json_file" > "$output_file" | |
| output_file="${json_file%.json}.compliance.txt" | |
| sbomqs compliance --bsi "$json_file" > "$output_file" | |
| done | |
| done | |
| - uses: ./.github/actions/util/push-to-repository # Configures git and pushes changes. | |