security-identifiers/.github/workflows/allocate.yaml at 8f49c6cdf01ffd72edb15d9c1ba3eb0c3b87c906 · anchore/security-identifiers · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
name: "Allocate Security Identifiers"
on:
  workflow_dispatch:
  schedule:
    - cron: '12 * * * MON-FRI'

concurrency:
  group: allocate-security-identifiers
  cancel-in-progress: true

permissions:
  contents: read

jobs:
  allocate-security-identifiers:
    name: "Allocate Security Identfiers"
    runs-on: ubuntu-latest
    container:
      image: python:3.13-alpine
    permissions:
      contents: write
    steps:
      - name: Install OS dependencies
        run: apk add --no-cache taplo sqlite tar zstd curl oras-cli bash date grype
      - name: Configure git
        run: git config --global --add safe.directory "$GITHUB_WORKSPACE"
      - name: Install python dependencies
        run: pip install check-jsonschema cpe git+https://github.com/anchore/security-cli
      - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 #v5.0.0
      - name: Allocate security identifiers
        run: anchore-security-cli id allocate --data-path data
      - name: Run TOML schema validation
        run: taplo validate --schema file:${PWD}/schema/0.1.0.schema.json
      - name: Run TOML formatting validation
        run: taplo format --check
      - name: Commit changes
        run: |
            git config user.email "github-actions[bot]@users.noreply.github.com"
            git config user.name "github-actions[bot]"
            ./scripts/commit.sh
            git push