Skip to content

Commit

Permalink
chore: improve message output sbom with gh (#145)
Browse files Browse the repository at this point in the history
* fix: merge with master- entrypoint

* chore: gitignore .vscode

Co-authored-by: carolina valencia <krol3@users.noreply.github.com>
  • Loading branch information
krol3 and krol3 authored Aug 2, 2022
1 parent 5144f05 commit 0d7cf2d
Show file tree
Hide file tree
Showing 4 changed files with 26 additions and 3,348 deletions.
1 change: 1 addition & 0 deletions .gitignore
Original file line number Diff line number Diff line change
Expand Up @@ -2,3 +2,4 @@
*.test
!test/data/*.test
trivyignores
.vscode/
14 changes: 9 additions & 5 deletions entrypoint.sh
Original file line number Diff line number Diff line change
Expand Up @@ -167,9 +167,9 @@ if [ $trivyConfig ]; then
trivy --config $trivyConfig ${scanType} ${artifactRef}
returnCode=$?
else
echo "Running trivy with options: ${ARGS}" "${artifactRef}"
echo "Running trivy with options: trivy ${scanType} ${ARGS}" "${artifactRef}"
echo "Global options: " "${GLOBAL_ARGS}"
trivy $GLOBAL_ARGS ${scanType} $ARGS ${artifactRef}
trivy $GLOBAL_ARGS ${scanType} ${ARGS} ${artifactRef}
returnCode=$?
fi

Expand All @@ -181,9 +181,13 @@ if [[ "${format}" == "sarif" ]]; then
trivy --quiet ${scanType} --format sarif --output ${output} $SARIF_ARGS ${artifactRef}
fi

if [[ "${format}" == "github" ]] && [[ "$(echo $githubPAT | xargs)" != "" ]]; then
echo "Uploading GitHub Dependency Snapshot"
curl -u "${githubPAT}" -H 'Content-Type: application/json' 'https://api.github.com/repos/'$GITHUB_REPOSITORY'/dependency-graph/snapshots' -d @./$(echo $output | xargs)
if [[ "${format}" == "github" ]]; then
if [[ "$(echo $githubPAT | xargs)" != "" ]]; then
printf "\n Uploading GitHub Dependency Snapshot"
curl -u "${githubPAT}" -H 'Content-Type: application/json' 'https://api.github.com/repos/'$GITHUB_REPOSITORY'/dependency-graph/snapshots' -d @./$(echo $output | xargs)
else
printf "\n Failing GitHub Dependency Snapshot. Missing github-pat"
fi
fi

exit $returnCode
Loading

0 comments on commit 0d7cf2d

Please sign in to comment.