Skip to content

Feat: Add script for image index SBOM creation. #29

Feat: Add script for image index SBOM creation.

Feat: Add script for image index SBOM creation. #29

name: Build sbom utility scripts image
on:
push:
branches:
- main
paths:
- sbom-utility-scripts/**
pull_request:
branches:
- main
paths:
- sbom-utility-scripts/**
env:
REGISTRY: quay.io/redhat-appstudio
IMAGE_NAME: sbom-utility-scripts-image
jobs:
build:
runs-on: ubuntu-latest
steps:
- name: Checkout repository
uses: actions/checkout@v4
- name: Set up Python
uses: actions/setup-python@v5
with:
python-version: 3.11
- name: Run tox checks for base-images-sbom-script
run: |
python3 -m pip install tox
cd ./sbom-utility-scripts/scripts/base-images-sbom-script/app/
tox
- name: Run tox checks for merge-cachi2-sboms-script
run: |
python3 -m pip install tox
cd ./sbom-utility-scripts/scripts/merge-cachi2-sboms-script/
tox
- name: Run tox checks for index-image-sbom-script
run: |
python3 -m pip install tox
cd ./sbom-utility-scripts/scripts/index-image-sbom-script/
tox
- name: Build Image
id: build-image
uses: redhat-actions/buildah-build@v2
with:
image: ${{ env.IMAGE_NAME }}
tags: ${{ github.sha }}
context: ./sbom-utility-scripts
containerfiles: |
./sbom-utility-scripts/Dockerfile
- name: Push to Quay
if: github.event_name == 'push' # don't push image from PR
uses: redhat-actions/push-to-registry@v2
with:
image: ${{ steps.build-image.outputs.image }}
tags: ${{ steps.build-image.outputs.tags }}
registry: ${{ env.REGISTRY }}
username: ${{ secrets.QUAY_USERNAME }}
password: ${{ secrets.QUAY_PASSWORD }}