allocate security identifiers: 2026-03-12 #665
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: "Publish Security Identifiers Index (development)" | |
| on: | |
| workflow_dispatch: | |
| push: | |
| branches: | |
| - main | |
| concurrency: | |
| group: publish-security-identifiers | |
| cancel-in-progress: true | |
| permissions: | |
| contents: read | |
| jobs: | |
| publish-security-identifiers: | |
| name: "Publish Security Identifiers Index (development)" | |
| runs-on: runs-on=${{ github.run_id }}/runner=medium-arm | |
| container: | |
| image: python:3.13-alpine | |
| permissions: | |
| contents: write | |
| packages: write | |
| steps: | |
| - name: Install OS dependencies | |
| run: apk add --no-cache git taplo sqlite tar zstd curl oras-cli bash | |
| - name: Configure git | |
| run: git config --global --add safe.directory "$GITHUB_WORKSPACE" | |
| - name: Install python dependencies | |
| run: pip install git+https://github.com/anchore/security-cli | |
| - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd #v6.0.2 | |
| with: | |
| persist-credentials: false | |
| - name: Render the security identifiers sqlite index | |
| run: anchore-security-cli -v id index render --data-path data -o ${{ runner.temp }}/security-identifiers-index | |
| - name: Login to GHCR via oras | |
| run: echo ${{ secrets.GITHUB_TOKEN }} | oras login ghcr.io --username "${GITHUB_ACTOR}" --password-stdin | |
| - name: Publish the security identifiers sqlite index | |
| run: anchore-security-cli -vvv id index publish --index-dir ${{ runner.temp }}/security-identifiers-index --deploy-to=development |