diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index 331f0d05..6998d37a 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -45,6 +45,17 @@ jobs: with: name: 'vscode-kaoto-vsix' path: '*.vsix' + - name: Generate SBOM + if: matrix.os == 'ubuntu-latest' + run: | + npm install --global @cyclonedx/cyclonedx-npm + cyclonedx-npm --omit dev --output-file manifest.json + - name: Store SBOM + uses: actions/upload-artifact@v4 + if: matrix.os == 'ubuntu-latest' + with: + name: sbom + path: manifest.json - name: Store VS Code logs uses: actions/upload-artifact@v4 if: always() diff --git a/.github/workflows/main-kaoto.yaml b/.github/workflows/main-kaoto.yaml index 08c0900a..69c73746 100644 --- a/.github/workflows/main-kaoto.yaml +++ b/.github/workflows/main-kaoto.yaml @@ -60,6 +60,7 @@ jobs: with: name: vsix-from-main-branch-of-kaoto path: 'vscode-kaoto/*.vsix' + - name: Store VS Code logs uses: actions/upload-artifact@v4 if: always()