From 421707ec132daea90d9b8c02efd781392718400e Mon Sep 17 00:00:00 2001 From: Marcin Kozlowski Date: Fri, 15 Nov 2024 16:45:24 +0100 Subject: [PATCH] Update docker-build.yml --- .github/workflows/docker-build.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/docker-build.yml b/.github/workflows/docker-build.yml index cf3fd0d..892c87b 100644 --- a/.github/workflows/docker-build.yml +++ b/.github/workflows/docker-build.yml @@ -84,14 +84,14 @@ jobs: # Generate SBOM with Grype - name: Generate SBOM with Grype run: | - grype ${{ env.IMAGE_NAME }}:${{ github.sha }} -o json > sbom.json + grype ${{ env.IMAGE_NAME }}:${{ github.sha }} -o spdx-json > sbom.spdx.json - name: Generate SBOM attestation uses: actions/attest-sbom@v1 with: subject-name: docker.io/${{ secrets.DOCKERHUB_USERNAME }}/betterscan-${{ matrix.component }} subject-digest: ${{ steps.build-push.outputs.digest }} - sbom-path: 'sbom.json' + sbom-path: 'sbom.spdx.json' push-to-registry: true env: DOCKER_HUB_USERNAME: ${{ secrets.DOCKERHUB_USERNAME }}