Added sort command #1016

Workflow file for this run

.github/workflows/repotests.yml at 63d2e59

	name: Repo tests

	on:
	push:
	branches:
	- master
	- feature/*
	- release/*
	- fix/*
	workflow_dispatch:

	jobs:
	build:
	if: "! contains(github.event.head_commit.message, '[ci skip]')"
	strategy:
	fail-fast: false
	matrix:
	node-version: [18.x]
	os: ['ubuntu-latest', 'windows-latest']
	runs-on: ${{ matrix.os }}
	steps:
	- uses: actions/checkout@v3
	- name: Set up SBT
	uses: olafurpg/setup-scala@v11
	- name: Set up JDK
	uses: actions/setup-java@v3
	with:
	distribution: 'temurin'
	java-version: '19'
	- name: Use Node.js ${{ matrix.node-version }}
	uses: actions/setup-node@v3
	with:
	node-version: ${{ matrix.node-version }}
	- name: Install bazelisk - linux
	if: matrix.os == 'ubuntu-latest'
	run: \|
	curl -LO "https://github.com/bazelbuild/bazelisk/releases/download/v1.15.0/bazelisk-linux-amd64"
	sudo mv bazelisk-linux-amd64 /usr/local/bin/bazel
	- name: Install bazelisk - windows
	if: matrix.os == 'windows-latest'
	run: choco install -y bazel
	- name: npm install, build and test
	run: \|
	npm install
	npm run build --if-present
	npm run lint
	npm test
	mkdir -p repotests
	mkdir -p bomresults
	mkdir -p denoresults
	env:
	CI: true
	- uses: swift-actions/setup-swift@v1
	- uses: actions/checkout@v3
	with:
	repository: 'ShiftLeftSecurity/shiftleft-java-example'
	path: 'repotests/shiftleft-java-example'
	- uses: actions/checkout@v3
	with:
	repository: 'ShiftLeftSecurity/shiftleft-ts-example'
	path: 'repotests/shiftleft-ts-example'
	- uses: actions/checkout@v3
	with:
	repository: 'ShiftLeftSecurity/shiftleft-go-example'
	path: 'repotests/shiftleft-go-example'
	- uses: actions/checkout@v3
	with:
	repository: 'prabhu/shiftleft-scala-example'
	path: 'repotests/shiftleft-scala-example'
	- uses: actions/checkout@v3
	with:
	repository: 'HooliCorp/vulnerable_net_core'
	path: 'repotests/vulnerable_net_core'
	- uses: actions/checkout@v3
	with:
	repository: 'HooliCorp/Goatly.NET'
	path: 'repotests/Goatly.NET'
	- uses: actions/checkout@v3
	with:
	repository: 'HooliCorp/DjanGoat'
	path: 'repotests/DjanGoat'
	- uses: actions/checkout@v3
	with:
	repository: 'prabhu/Vulnerable-Web-Application'
	path: 'repotests/Vulnerable-Web-Application'
	- uses: actions/checkout@v3
	with:
	repository: 'prabhu/railsgoat'
	path: 'repotests/railsgoat'
	- uses: actions/checkout@v3
	with:
	repository: 'bazelbuild/examples'
	path: 'repotests/bazel-examples'
	- uses: actions/checkout@v3
	with:
	repository: 'flutter/gallery'
	path: 'repotests/gallery'
	- uses: actions/checkout@v3
	with:
	repository: 'gojek/ziggurat'
	path: 'repotests/ziggurat'
	- uses: actions/checkout@v3
	with:
	repository: 'apple/swift-markdown'
	path: 'repotests/swift-markdown'
	- uses: actions/checkout@v3
	with:
	repository: 'GoogleCloudPlatform/microservices-demo'
	path: 'repotests/microservices-demo'
	- name: repotests
	run: \|
	bin/cdxgen.js -p -r -t java repotests/shiftleft-java-example -o bomresults/bom-java.json --generate-key-and-sign
	SBOM_SIGN_ALGORITHM=RS512 SBOM_SIGN_PRIVATE_KEY=bomresults/private.key SBOM_SIGN_PUBLIC_KEY=bomresults/public.key bin/cdxgen.js -p -r -t github repotests/shiftleft-java-example -o bomresults/bom-github.json
	FETCH_LICENSE=false bin/cdxgen.js -p -t js repotests/shiftleft-ts-example -o bomresults/bom-ts.json --validate
	FETCH_LICENSE=1 bin/cdxgen.js -p -t js repotests/shiftleft-ts-example --required-only -o bomresults/bom-ts.json --validate
	FETCH_LICENSE=false bin/cdxgen.js -p -r -t go repotests/shiftleft-go-example -o bomresults/bom-go.json --validate
	FETCH_LICENSE=true bin/cdxgen.js -p -r -t csharp repotests/vulnerable_net_core -o bomresults/bom-csharp2.json --validate
	FETCH_LICENSE=0 bin/cdxgen.js -p -r repotests/Goatly.NET -o bomresults/bom-csharp3.json --validate
	FETCH_LICENSE=true bin/cdxgen.js -p -r -t python repotests/DjanGoat -o bomresults/bom-python.json --validate
	bin/cdxgen.js -p -t php repotests/Vulnerable-Web-Application -o bomresults/bom-php.json --validate
	bin/cdxgen.js -p -t php --no-recurse repotests/Vulnerable-Web-Application -o bomresults/bom-php.json --validate
	bin/cdxgen.js -p -r -t ruby repotests/railsgoat -o bomresults/bom-ruby.json --validate
	bin/cdxgen.js -p -r -t java repotests/bazel-examples/java-maven -o bomresults/bom-bazel.json --validate
	bin/cdxgen.js -p -r -t dart repotests/gallery -o bomresults/bom-pub.json --validate
	CDXGEN_DEBUG_MODE=debug bin/cdxgen.js -p -r -t clojure repotests/ziggurat -o bomresults/bom-clj.json --validate
	CDXGEN_DEBUG_MODE=debug bin/cdxgen.js -r -t swift repotests/swift-markdown -o bomresults/bom-swift.json --validate
	bin/cdxgen.js --no-recurse repotests/microservices-demo -o bomresults/bom-msd.json --validate
	bin/cdxgen.js -r repotests/microservices-demo -o bomresults/bom-msd.json --validate
	bin/cdxgen.js -r -t yaml-manifest repotests/microservices-demo -o bomresults/bom-yaml.json --validate
	FETCH_LICENSE=true bin/cdxgen.js -p -r -t js repotests/shiftleft-ts-example -o bomresults/bom-ts.json --validate
	# mkdir -p jenkins
	# wget https://updates.jenkins.io/download/plugins/sonar/2.14/sonar.hpi
	# wget https://updates.jenkins.io/download/plugins/bouncycastle-api/2.26/bouncycastle-api.hpi
	# wget https://updates.jenkins.io/download/plugins/jsch/0.1.55.61.va_e9ee26616e7/jsch.hpi
	# wget https://updates.jenkins.io/download/plugins/momentjs/1.1.1/momentjs.hpi
	# mv *.hpi jenkins
	# CDXGEN_DEBUG_MODE=debug bin/cdxgen.js -p -r -t jenkins jenkins -o bomresults/bom-jenkins.json --validate
	ls -ltr bomresults
	- name: repotests 1.4
	run: \|
	bin/cdxgen.js -p -r -t java repotests/shiftleft-java-example -o bomresults/bom-java.json --generate-key-and-sign --spec-version 1.4
	SBOM_SIGN_ALGORITHM=RS512 SBOM_SIGN_PRIVATE_KEY=bomresults/private.key SBOM_SIGN_PUBLIC_KEY=bomresults/public.key bin/cdxgen.js -p -r -t github repotests/shiftleft-java-example -o bomresults/bom-github.json --spec-version 1.4
	FETCH_LICENSE=false bin/cdxgen.js -p -r -t js repotests/shiftleft-ts-example -o bomresults/bom-ts.json --validate --spec-version 1.4
	FETCH_LICENSE=1 bin/cdxgen.js -p -r -t js repotests/shiftleft-ts-example --required-only -o bomresults/bom-ts.json --validate --spec-version 1.4
	FETCH_LICENSE=false bin/cdxgen.js -p -r -t go repotests/shiftleft-go-example -o bomresults/bom-go.json --validate --spec-version 1.4
	FETCH_LICENSE=true bin/cdxgen.js -p -r -t csharp repotests/vulnerable_net_core -o bomresults/bom-csharp2.json --validate --spec-version 1.4
	FETCH_LICENSE=0 bin/cdxgen.js -p -r repotests/Goatly.NET -o bomresults/bom-csharp3.json --validate --spec-version 1.4
	FETCH_LICENSE=true bin/cdxgen.js -p -r -t python repotests/DjanGoat -o bomresults/bom-python.json --validate --spec-version 1.4
	bin/cdxgen.js -p -r -t php repotests/Vulnerable-Web-Application -o bomresults/bom-php.json --validate --spec-version 1.4
	- name: denotests
	if: github.ref == 'refs/heads/master' && matrix.os == 'ubuntu-latest'
	run: \|
	docker build -t ghcr.io/cyclonedx/cdxgen-deno -f Dockerfile-deno .
	docker run --rm -t -e "CDXGEN_DEBUG_MODE=debug" -v $(pwd):/app ghcr.io/cyclonedx/cdxgen-deno -p -r -t java /app/repotests/shiftleft-java-example -o /app/denoresults/bom-java.json
	docker run --rm -t -e "CDXGEN_DEBUG_MODE=debug" -v $(pwd):/app ghcr.io/cyclonedx/cdxgen-deno -p -r -t python /app/repotests/DjanGoat -o /app/denoresults/bom-python.json
	ls -ltr denoresults
	- uses: actions/upload-artifact@v1
	with:
	name: bomresults
	path: bomresults

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Added sort command #1016

Workflow file

Added sort command #1016

Jobs

Run details

Workflow file for this run