Adding openssl to dependencies #11
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: OSS SCA with Debricked | |
| on: | |
| # Triggers the workflow on push or pull request events but only for the main and dev branches | |
| push: | |
| paths: | |
| - 'conanfile.txt' | |
| - 'conanfile.py' | |
| branches: | |
| - '**' # matches every branch | |
| pull_request: | |
| branches: [ main, develop ] | |
| # Allows you to run this workflow manually from the Actions tab | |
| workflow_dispatch: | |
| # Global environment variables | |
| env: | |
| DEFAULT_APP_NAME: "EightBallCpp" | |
| PYTHON_VERSION: "3.12.4" | |
| jobs: | |
| Debricked-SCA: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: actions/setup-python@v5 | |
| with: | |
| python-version: ${{ env.PYTHON_VERSION }} | |
| - name: Install Conan SBOM generator # https://github.com/CycloneDX/cyclonedx-conan | |
| run: | | |
| python -m venv .venv | |
| source .venv/bin/activate | |
| python -m pip install cyclonedx-conan | |
| python -m pip install markupsafe==2.0.1 | |
| echo "$VIRTUAL_ENV/bin" >> $GITHUB_PATH | |
| echo "VIRTUAL_ENV=$VIRTUAL_ENV" >> $GITHUB_ENV | |
| - name: Generate Conan SBOM | |
| run: | | |
| cyclonedx-conan conanfile.txt | sed -n -e '/^{/,$p' > sbom.json # cyclonedx-conan PATH_TO_conanfile.txt > SBOM_NAME_FILE | |
| - run: curl -L https://github.com/debricked/cli/releases/latest/download/cli_linux_x86_64.tar.gz | tar -xz debricked | |
| - name: Run debricked scan | |
| shell: bash | |
| run: | | |
| ./debricked scan -r "${DEFAULT_APP_NAME}" --access-token="${DEBRICKED_TOKEN}" -e "lib/**" -e ".venv/**" --verbose . | |
| env: | |
| DEBRICKED_TOKEN: ${{ secrets.DEBRICKED_TOKEN }} |