You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@camel.apache.org by ac...@apache.org on 2023/02/10 09:26:18 UTC
[camel-kamelets] branch main updated: Added SBOM generation action
This is an automated email from the ASF dual-hosted git repository.
acosentino pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/camel-kamelets.git
The following commit(s) were added to refs/heads/main by this push:
new bc518923 Added SBOM generation action
bc518923 is described below
commit bc51892368d56e10b5ba904a12fc200b8ce0f437
Author: Andrea Cosentino <an...@gmail.com>
AuthorDate: Fri Feb 10 10:25:07 2023 +0100
Added SBOM generation action
Signed-off-by: Andrea Cosentino <an...@gmail.com>
---
.github/workflows/generate-sbom-main.yml | 75 ++++++++++++++++++++++++++++++++
1 file changed, 75 insertions(+)
diff --git a/.github/workflows/generate-sbom-main.yml b/.github/workflows/generate-sbom-main.yml
new file mode 100644
index 00000000..cf2b4a54
--- /dev/null
+++ b/.github/workflows/generate-sbom-main.yml
@@ -0,0 +1,75 @@
+#
+# Licensed to the Apache Software Foundation (ASF) under one or more
+# contributor license agreements. See the NOTICE file distributed with
+# this work for additional information regarding copyright ownership.
+# The ASF licenses this file to You under the Apache License, Version 2.0
+# (the "License"); you may not use this file except in compliance with
+# the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+name: Generate SBOM (Camel Kamelets)
+
+on:
+ schedule:
+ - cron: '30 11 * * 0'
+ workflow_dispatch:
+
+permissions: {}
+jobs:
+ build:
+ if: github.repository == 'apache/camel'
+ permissions:
+ contents: write # to create branch (peter-evans/create-pull-request)
+ pull-requests: write # to create a PR (peter-evans/create-pull-request)
+
+ runs-on: ubuntu-latest
+ strategy:
+ matrix:
+ java: [ '17' ]
+ steps:
+ - uses: actions/checkout@v3
+ with:
+ persist-credentials: false
+ - id: install-mvnd
+ uses: ./.github/actions/install-mvnd
+ - name: Set up JDK ${{ matrix.java }}
+ uses: actions/setup-java@v3
+ with:
+ distribution: 'temurin'
+ java-version: ${{ matrix.java }}
+ cache: 'maven'
+ - name: mvn build and sbom generation
+ run: ${{ steps.install-mvnd.outputs.mvnd-dir }}/mvnd -l build.log -Dmvnd.threads=2 -V -Dhttp.keepAlive=false -Dmaven.wagon.http.pool=false -Dmaven.wagon.httpconnectionManager.ttlSeconds=120 --no-transfer-progress -e -Psbom -DskipTests verify
+ - name: archive logs
+ uses: actions/upload-artifact@v3
+ if: always()
+ with:
+ name: build.log
+ path: build.log
+ - name: Create Pull Request
+ uses: peter-evans/create-pull-request@v4
+ with:
+ base: main
+ token: ${{ secrets.GITHUB_TOKEN }}
+ commit-message: "Regen SBOM from commit ${{ github.sha }}"
+ committer: GitHub <no...@github.com>
+ author: ${{ github.actor }} <${{ github.actor }}@users.noreply.github.com>
+ signoff: true
+ branch: regen_bot_sbom
+ title: "Generated sources regen for SBOM"
+ body: |
+ Regen bot :robot: found some uncommitted changes after running build on :camel-kamelets: `main` branch for generating SBOMs.
+ Please do not delete `regen_bot_sbom` branch after merge/rebase.
+ labels: |
+ regen
+ automated pr
+ camel-kamelets
+ assignees: oscerd