[BUG] Broken sbom generation #379
Assignees
Labels
bug
Something isn't working
Comments
Kavindu-Dodan
added
bug
Merged
Kavindu-Dodan
removed
the
Needs Triage
Kavindu-Dodan
pushed a commit
that referenced
this issue
Feb 13, 2023
🤖 I have created a release *beep* *boop* --- ## [0.3.7](v0.3.6...v0.3.7) (2023-02-13) ### Bug Fixes * **deps:** update module golang.org/x/net to v0.6.0 ([#396](#396)) ([beb7564](beb7564)) * **deps:** update module google.golang.org/grpc to v1.53.0 ([#388](#388)) ([174cd7c](174cd7c)) * error handling of Serve/ServeTLS funcs ([#397](#397)) ([8923bf2](8923bf2)) * fix race in http sync test ([#401](#401)) ([1d0c8e1](1d0c8e1)) * sbom artefact name ([#380](#380)) ([3daef26](3daef26)), closes [#379](#379) --- This PR was generated with [Release Please](https://github.com/googleapis/release-please). See [documentation](https://github.com/googleapis/release-please#release-please). Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Merged
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Observed behavior
Consider the GH action for release https://github.com/open-feature/flagd/actions/runs/4105386972
This is broken as sbom artifact is set to (derived from IMAGE_NAME) openfeature/flagd, which is a folder path instead of a file flagd.
Expected Behavior
Action must be corrected to use a file name. This can be hardcoded as we do not have any constant readily available.
The simple fix [1]
From :
artifact-name: ${{ format('{0}-{1}-sbom.spdx',env.IMAGE_NAME, needs.release-please.outputs.release_tag_name) }}To :
artifact-name: ${{ format('flagd-{0}-sbom.spdx, needs.release-please.outputs.release_tag_name) }}[1]. - https://github.com/open-feature/flagd/blob/main/.github/workflows/release-please.yaml#L102
The text was updated successfully, but these errors were encountered: