Merge pull request #1 from ivanvanderbyl/ensignia/add-baseline-workflow
Add Ensignia workflow
ivanvanderbyl authored Feb 23, 2024
2 parents da099b3 + 0b03c46 commit 617157a
Showing 1 changed file with 31 additions and 0 deletions.
31 changes: 31 additions & 0 deletions .github/workflows/ensignia.yaml
@@ -0,0 +1,31 @@
name: Ensignia
on:
pull_request:
push:
branches:
- main

env:
ENSIGNIA_API_HOST: https://staging-control-plane.ensignia.dev

jobs:
sbom:
name: Ensignia Security Scan
runs-on: ubuntu-latest
permissions:
contents: read
id-token: write
steps:
- uses: actions/checkout@v3
- uses: ensigniasec/[email protected]

- name: Generate SBOM
run: syft -q packages dir:./ -o spdx-json > build.spdx-sbom.json

- uses: actions/upload-artifact@v4
with:
name: build.spdx-sbom.json
path: build.spdx-sbom.json

- name: Upload SBOM
run: sigctl submit ./build.spdx-sbom.json
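
Review bot: the `sbom` job grants `id-token: write`, yet every action in `steps` is referenced by a mutable tag (`actions/checkout@v3`, the `ensigniasec` action on the next line, `actions/upload-artifact@v4`); pin each to a full commit SHA so a retagged release cannot run with the job's OIDC identity. Two smaller points: `ENSIGNIA_API_HOST` points at the staging control plane while the workflow also runs on `push` to `main`, so confirm that submitting main-branch SBOMs to staging is intended. The `pull_request` trigger also covers forks, which are not granted `id-token: write`; if `sigctl submit` authenticates with that token (an assumption, the hunk does not show how it authenticates), the "Upload SBOM" step will fail there and may need an `if:` guard. `syft` and `sigctl` are invoked with no visible install step; a comment stating that the `ensigniasec` action provides them would document the dependency.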
