File tree Expand file tree Collapse file tree
Expand file tree Collapse file tree Original file line number Diff line number Diff line change @@ -23,15 +23,15 @@ jobs:
2323 with :
2424 target : ./
2525 output-dir : " /tmp/test/sbom"
26- syft-version : " 1.1.0"
2726 vuln-report : True
2827
2928 - name : Scan directory
3029 uses : ./
3130 with :
32- target : /etc
31+ target : /usr/local/bin
3332 output-dir : " /tmp/test/sbom"
34- name : " ghactionetc"
33+ syft-version : " 1.10.0"
34+ name : " usrlocalbin"
3535
3636 - name : Scan iso
3737 uses : ./
4242 name : " tinycorelinux"
4343 vuln-report : False
4444
45+ - name : Ensure generated sbom file for repo contains the expected content
46+ shell : bash
47+ run : |
48+ if jq -e '.components[] | select(.name == "lodash")' /tmp/test/sbom/repo_sbom_*.json > /dev/null; then
49+ echo "lodash is present in the JSON file."
50+ exit 0
51+ else
52+ echo "lodash is NOT present in the JSON file."
53+ exit 1
54+ fi
55+
56+ name : Ensure generated sbom file for iso contains the expected content
57+ shell : bash
58+ run : |
59+ if jq -e '.components[] | select(.version == "6.6.8-tinycore")' /tmp/test/sbom/iso_tinycorelinux_15.0.json > /dev/null; then
60+ echo "tinycore is present in the JSON file."
61+ exit 0
62+ else
63+ echo "tinycore is NOT present in the JSON file."
64+ exit 1
65+ fi
66+
67+ name : Ensure generated sbom file for dir contains the expected content
68+ shell : bash
69+ run : |
70+ if jq -e '.components[] | select(.purl == "pkg:golang/github.com/anchore/syft@v1.10.0")' /tmp/test/sbom/dir_bin_undefined.json > /dev/null; then
71+ echo "syft is present in the JSON file."
72+ exit 0
73+ else
74+ echo "syft is NOT present in the JSON file."
75+ exit 1
76+ fi
77+
4578name : Print the content of generated sbom file
4679 shell : bash
4780 run : |
You can’t perform that action at this time.
0 commit comments