Skip to content

Commit 82d8b0f

Browse files
garazdawigarazdawi
committed
Upload things
1 parent ab7603b commit 82d8b0f

File tree

1 file changed

+32
-5
lines changed

1 file changed

+32
-5
lines changed

.github/workflows/main.yaml

+32-5
Original file line numberDiff line numberDiff line change
@@ -745,8 +745,8 @@ jobs:
745745
SCANCODE_VERSION=$(docker run --entrypoint="" ghcr.io/oss-review-toolkit/ort-minimal:${{ env.ORT_VERSION }} bash -c "scancode --version" | grep "ScanCode version" | awk '{print $3}')
746746
docker build -t otp - <<EOF
747747
FROM otp
748-
RUN sudo apt-get install -y pip && pip install scancode-toolkit==${SCANCODE_VERSION} reuse
749748
RUN echo 'export PATH="\$HOME/.local/bin:\$PATH"' >> /home/otptest/.profile
749+
RUN sudo apt-get install -y pip && pip install scancode-toolkit==${SCANCODE_VERSION} reuse
750750
EOF
751751
752752
- name: Restore from cache
@@ -779,7 +779,7 @@ jobs:
779779
docker run -v $PWD/:/github -v $HOME:$HOME otp \
780780
"/github/.github/scripts/ort-scanner.es scan -t reuse -s overwrite \
781781
-i $HOME/.ort/ort-results/scan-result.json \
782-
-o $HOME/.ort/ort-results/scan-result.json /github"
782+
-o $HOME/.ort/ort-results/scan-result.reuse.json /github"
783783
784784
- name: Upload scan results
785785
uses: actions/upload-artifact@4cec3d8aa04e39d1a68397de0c4cd6fb9dce8ec1 # ratchet:actions/[email protected]
@@ -792,8 +792,8 @@ jobs:
792792
793793
- name: Copy to cache and link results
794794
run: |
795-
cp $HOME/.ort/ort-results/scan-result.json ${{ env.SCAN_RESULT_CACHE_PATH }}
796-
ln -f -s scan-result.json $HOME/.ort/ort-results/current-result.json
795+
cp $HOME/.ort/ort-results/scan-result.reuse.json ${{ env.SCAN_RESULT_CACHE_PATH }}
796+
ln -f -s scan-result.reuse.json $HOME/.ort/ort-results/current-result.json
797797
798798
- name: Run OSS Review Toolkit (reporter)
799799
uses: oss-review-toolkit/ort-ci-github-action@1805edcf1f4f55f35ae6e4d2d9795ccfb29b6021 # ratchet:oss-review-toolkit/[email protected]
@@ -817,7 +817,7 @@ jobs:
817817
docker run -v $PWD/:/github -v $HOME:$HOME otp \
818818
"/github/.github/scripts/otp-compliance.es sbom otp-info \
819819
--sbom-file $HOME/.ort/ort-results/bom.spdx.json \
820-
--input-file $HOME/.ort/ort-results/scan-result.json"
820+
--input-file $HOME/.ort/ort-results/scan-result.reuse.json"
821821
822822
- name: Run OSS Review Toolkit (upload)
823823
uses: oss-review-toolkit/ort-ci-github-action@1805edcf1f4f55f35ae6e4d2d9795ccfb29b6021 # ratchet:oss-review-toolkit/[email protected]
@@ -841,6 +841,33 @@ jobs:
841841
fail-on: ${{ github.ref_type == 'tag' && '' || '' }} # 'violations,issues' }}
842842
sw-version: ${{ env.OTP_SBOM_VERSION }}
843843

844+
- name: Copy to cache and link results
845+
run: |
846+
ln -f -s scan-result.json $HOME/.ort/ort-results/current-result.json
847+
848+
- name: Run OSS Review Toolkit (reporter)
849+
uses: oss-review-toolkit/ort-ci-github-action@1805edcf1f4f55f35ae6e4d2d9795ccfb29b6021 # ratchet:oss-review-toolkit/[email protected]
850+
with:
851+
image: ghcr.io/oss-review-toolkit/ort-minimal:${{ env.ORT_VERSION }}
852+
run: >
853+
reporter
854+
report-formats: "SpdxDocument"
855+
ort-cli-report-args: '-O SpdxDocument=outputFileFormats=JSON'
856+
sw-version: ${{ env.OTP_SBOM_VERSION }}
857+
858+
- name: Process SBOM
859+
run: |
860+
docker run -v $PWD/:/github -v $HOME:$HOME otp \
861+
"/github/.github/scripts/otp-compliance.es sbom otp-info \
862+
--sbom-file $HOME/.ort/ort-results/bom.spdx.json \
863+
--input-file $HOME/.ort/ort-results/scan-result.json"
864+
865+
- name: Upload scan results
866+
uses: actions/upload-artifact@4cec3d8aa04e39d1a68397de0c4cd6fb9dce8ec1 # ratchet:actions/[email protected]
867+
with:
868+
name: ort-no-reuse-sbom
869+
path: $HOME/.ort/ort-results/bom.spdx.json
870+
844871
## If this is an "OTP-*" tag that has been pushed we do some release work
845872
release:
846873
name: Release Erlang/OTP

0 commit comments

Comments
 (0)