-
Notifications
You must be signed in to change notification settings - Fork 0
/
azure-pipelines.yml
38 lines (29 loc) · 1.04 KB
/
azure-pipelines.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
# Start with a minimal pipeline that you can customize to build and deploy your code.
# Add steps that build, run tests, deploy, and more:
# https://aka.ms/yaml
trigger:
- master
pool:
vmImage: 'ubuntu-latest'
steps:
- task: UsePythonVersion@0
inputs:
versionSpec: '3.8'
addToPath: true
architecture: 'x64'
- script: pip3 install flask --index-url https://pypi.org/simple
displayName: 'install flask with pip3'
- script: pip3 install jake --index-url https://pypi.org/simple
displayName: 'install jake with pip3'
- script: jake sbom -o jake-bom.xml
displayName: 'generate sbom for python site packages using jake'
- task: NexusIqPipelineTask@1
inputs:
nexusIqService: 'BMA IQ'
applicationId: 'jake-flask-sbom'
stage: 'Build'
scanTargets: 'jake-bom.xml'
- script: wget https://download.sonatype.com/clm/scanner/latest.jar
displayName: download CLI
- script: java -jar latest.jar -s https://m8bcp26vql-nxiq.sonatype-se.com/ -i jake-flask-sbom -t release -a admin:admin123 jake-bom.xml
displayName: run CLI scan