Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Publish Vuln Reports #44

Merged
merged 23 commits into from
Jul 5, 2023
Merged

Conversation

RothAndrew
Copy link
Member

@RothAndrew RothAndrew commented Jun 30, 2023

Closes #46
Closes #47

Changes:

  • Update the pull-request workflow to automatically upload the SBOM from Syft as well as the vulnerability report from Grype as workflow artifacts
  • Update the release workflow to automatically upload the SBOM from Syft as well as the vulnerability report from Grype as release assets (tested here: https://github.com/RothAndrew/build-harness)
  • Other minor refactors

@RothAndrew RothAndrew marked this pull request as ready for review June 30, 2023 23:28
@RothAndrew RothAndrew requested a review from a team as a code owner June 30, 2023 23:28
@RothAndrew RothAndrew self-assigned this Jun 30, 2023
@RothAndrew RothAndrew merged commit 95c8812 into main Jul 5, 2023
@RothAndrew RothAndrew deleted the feature/automated-vulnerability-scan branch July 5, 2023 20:17
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

Auto-attach Grype report as release asset Auto-attach SBOM as release asset
2 participants