Skip to content

Rate my xbom #3025

Rate my xbom

Rate my xbom #3025

Workflow file for this run

name: docker tests
on:
workflow_dispatch:
pull_request:
paths-ignore:
- 'docs/**'
- '*.md'
concurrency:
group: ${{ github.workflow }}-${{ github.head_ref || github.run_id }}
cancel-in-progress: true
jobs:
linux-tests:
strategy:
fail-fast: true
matrix:
os: [ubuntu-latest]
node-version: ['23.x']
java-version: ['23']
runs-on: ${{ matrix.os }}
steps:
- uses: actions/checkout@v4
- name: Use Node.js ${{ matrix.node-version }}
uses: actions/setup-node@v4
with:
node-version: ${{ matrix.node-version }}
- name: Set up Python
uses: actions/setup-python@v5
with:
python-version: '3.11'
- name: Set up JDK
uses: actions/setup-java@v4
with:
distribution: 'temurin'
java-version: ${{ matrix.java-version }}
- name: Trim CI agent
run: |
chmod +x contrib/free_disk_space.sh
./contrib/free_disk_space.sh
- name: npm install, build and test
run: |
corepack enable
corepack pnpm install --package-import-method copy
corepack pnpm test
mkdir -p bomresults repotests
env:
CI: true
- uses: actions/checkout@v4
with:
repository: 'grafana-operator/grafana-operator'
path: 'repotests/grafana-operator'
- name: dockertests
run: |
bin/cdxgen.js ubuntu:latest -t docker -o bomresults/bom-ubuntu.json --fail-on-error
docker rmi ubuntu:latest
bin/cdxgen.js alpine:latest -t docker -o bomresults/bom-alpine.json --fail-on-error
docker rmi alpine:latest
bin/cdxgen.js almalinux:9.4-minimal -t docker -o bomresults/bom-almalinux.json --fail-on-error
docker rmi almalinux:9.4-minimal
bin/cdxgen.js centos:latest -t oci -o bomresults/bom-centos.json --fail-on-error
docker rmi centos:latest
bin/cdxgen.js phpmyadmin@sha256:1092481630056189e43cc0fe66fd01defcc9334d78ab4611b22f65e9a39869bd -o bomresults/bom-phpmyadmin.json --fail-on-error
docker rmi phpmyadmin@sha256:1092481630056189e43cc0fe66fd01defcc9334d78ab4611b22f65e9a39869bd
bin/cdxgen.js shiftleft/scan-slim -o bomresults/bom-scanslim.json -t container --fail-on-error
docker rmi shiftleft/scan-slim
bin/cdxgen.js redmine@sha256:a5c5f8a64a0d9a436a0a6941bc3fb156be0c89996add834fe33b66ebeed2439e -o bomresults/bom-redmine.json --fail-on-error
docker rmi redmine@sha256:a5c5f8a64a0d9a436a0a6941bc3fb156be0c89996add834fe33b66ebeed2439e
bin/cdxgen.js rocket.chat@sha256:379f7afa0e67497c363ac9a9b3e7e6a6d31deee228233307c987e4a0c68b28e6 -o bomresults/bom-rocket.json --fail-on-error
docker rmi rocket.chat@sha256:379f7afa0e67497c363ac9a9b3e7e6a6d31deee228233307c987e4a0c68b28e6
bin/cdxgen.js sonarqube@sha256:7c0edcb99c964984db6d24330db33bb12de1e8ae0d5974d77640b1efea1483d1 -o bomresults/bom-sonar.json --fail-on-error
docker rmi sonarqube@sha256:7c0edcb99c964984db6d24330db33bb12de1e8ae0d5974d77640b1efea1483d1
bin/cdxgen.js zookeeper@sha256:5bf00616677db5ef57d8a2da7c5dadf67f1a6be54b0c33a79be3332c9c80aeb6 -o bomresults/bom-zoo.json --fail-on-error
docker rmi zookeeper@sha256:5bf00616677db5ef57d8a2da7c5dadf67f1a6be54b0c33a79be3332c9c80aeb6
docker pull shiftleft/scan-slim:latest
docker save shiftleft/scan-slim:latest -o /tmp/scanslim.tar
docker rmi shiftleft/scan-slim:latest
bin/cdxgen.js /tmp/scanslim.tar -o bomresults/bom-scanarch.json --fail-on-error
bin/cdxgen.js -t docker-compose test/data -o bomresults/bom-dc.json --fail-on-error
bin/cdxgen.js -t operator repotests/grafana-operator -o bomresults/bom-op.json --fail-on-error
rm /tmp/scanslim.tar
ls -ltr bomresults
env:
CDXGEN_DEBUG_MODE: debug
linux-dockertar-tests:
strategy:
matrix:
os: [ubuntu-latest]
node-version: ['23.x']
java-version: ['23']
runs-on: ${{ matrix.os }}
steps:
- uses: actions/checkout@v4
- name: Use Node.js ${{ matrix.node-version }}
uses: actions/setup-node@v4
with:
node-version: ${{ matrix.node-version }}
- name: Set up Python
uses: actions/setup-python@v5
with:
python-version: '3.11'
- name: Set up JDK
uses: actions/setup-java@v4
with:
distribution: 'temurin'
java-version: ${{ matrix.java-version }}
- name: Trim CI agent
run: |
chmod +x contrib/free_disk_space.sh
./contrib/free_disk_space.sh
- name: npm install, build and test
run: |
corepack enable
corepack pnpm install --package-import-method copy
corepack pnpm test
mkdir -p bomresults repotests
env:
CI: true
- uses: actions/checkout@v4
with:
repository: 'grafana-operator/grafana-operator'
path: 'repotests/grafana-operator'
- name: dockertests
run: |
docker pull elasticsearch@sha256:3686a5757ed46c9dbcf00f6f71fce48ffc5413b193a80d1c46a21e7aad4c53ad
docker save -o /tmp/elastic.tar elasticsearch@sha256:3686a5757ed46c9dbcf00f6f71fce48ffc5413b193a80d1c46a21e7aad4c53ad
docker rmi elasticsearch@sha256:3686a5757ed46c9dbcf00f6f71fce48ffc5413b193a80d1c46a21e7aad4c53ad
bin/cdxgen.js /tmp/elastic.tar -t docker -o bomresults/bom-elastic.tar.json --fail-on-error
docker pull alpine:latest
docker save -o /tmp/alpine.tar alpine:latest
docker rmi alpine:latest
bin/cdxgen.js /tmp/alpine.tar -t docker -o bomresults/bom-alpine.tar.json --fail-on-error
ls -ltr bomresults
env:
CDXGEN_DEBUG_MODE: debug
os-tests:
runs-on: ubuntu-latest
strategy:
matrix:
node-version: ['23.x']
java-version: ['23']
steps:
- uses: actions/checkout@v4
- name: Use Node.js ${{ matrix.node-version }}
uses: actions/setup-node@v4
with:
node-version: ${{ matrix.node-version }}
- name: Set up Python
uses: actions/setup-python@v5
with:
python-version: '3.11'
- name: Set up JDK
uses: actions/setup-java@v4
with:
distribution: 'temurin'
java-version: ${{ matrix.java-version }}
- name: Trim CI agent
run: |
chmod +x contrib/free_disk_space.sh
./contrib/free_disk_space.sh
- name: npm install, build and test
run: |
corepack enable
corepack pnpm install --package-import-method copy
mkdir -p bomresults
env:
CI: true
- name: ostests
run: |
bin/cdxgen.js -t os -o bomresults/bom-os.json --fail-on-error
env:
CDXGEN_DEBUG_MODE: debug
- uses: actions/upload-artifact@v4
with:
name: bomresults-os
path: bomresults
win-tests:
runs-on: windows-latest
strategy:
matrix:
node-version: ['23.x']
java-version: ['23']
steps:
- uses: actions/checkout@v4
- name: Use Node.js ${{ matrix.node-version }}
uses: actions/setup-node@v4
with:
node-version: ${{ matrix.node-version }}
- name: Set up Python
uses: actions/setup-python@v5
with:
python-version: '3.11'
- name: Set up JDK
uses: actions/setup-java@v4
with:
distribution: 'temurin'
java-version: ${{ matrix.java-version }}
- name: npm install, build
run: |
corepack enable
corepack pnpm install --package-import-method copy
mkdir bomresults
env:
CI: true
- name: wintests
run: |
node bin/cdxgen.js -t os -o bomresults/bom-win.json --fail-on-error
dir bomresults
env:
CDXGEN_DEBUG_MODE: debug
- uses: actions/upload-artifact@v4
with:
name: bomresults-win
path: bomresults