/
action.yml
64 lines (52 loc) · 1.48 KB
/
action.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
name: "Anchore SBOM Action"
description: "Creates an SBOM (Software Bill Of Materials) from your code and container images"
author: "Anchore"
branding:
color: blue
icon: check-circle
inputs:
path:
required: false
description: "A path on the filesystem to scan. Can be a file or directory."
default: "."
image:
required: false
description: "A container image to scan"
registry-username:
required: false
description: "The registry username"
registry-password:
required: false
description: "The registry password"
format:
required: false
description: "The SBOM format to export"
default: "spdx-json"
github-token:
description: "Authorized secret GitHub Personal Access Token. Defaults to github.token"
required: false
default: ${{ github.token }}
artifact-name:
description: "The name to use for the SBOM file generated by this action"
required: false
output-file:
required: false
description: "A file location to output the SBOM"
syft-version:
required: false
description: "The version of Syft to use"
dependency-snapshot:
required: false
description: "Upload to GitHub dependency snapshot API"
default: "false"
upload-artifact:
required: false
description: "Upload artifact to workflow"
default: "true"
upload-release-assets:
required: false
description: "Upload release assets"
default: "true"
runs:
using: "node12"
main: "dist/runSyftAction/index.js"