|
21 | 21 | KONDUKTO_TOKEN: ${{ secrets.KONDUKTO_TOKEN }} |
22 | 22 | KONDUKTO_REPO: mongodb/mongodb-atlas-cli |
23 | 23 | KONDUKTO_BRANCH_PREFIX: atlascli |
24 | | - ARTIFACTORY_IMAGE: 901841024863.dkr.ecr.us-east-1.amazonaws.com/release-infrastructure/silkbomb:2.0 |
| 24 | + SILKBOMB_IMG: artifactory.corp.mongodb.com/release-tools-container-registry-public-local/silkbomb:2.0 |
25 | 25 |
|
26 | 26 | steps: |
27 | 27 | - uses: GitHubSecurityLab/actions-permissions/monitor@v1 |
@@ -49,26 +49,12 @@ jobs: |
49 | 49 | awk '$1 == "dep" || $1 == "=>" { print "pkg:golang/" $2 "@" $3 }' | \ |
50 | 50 | LC_ALL=C sort > purls.txt |
51 | 51 | cat purls.txt |
52 | | - - name: Configure AWS credentials |
53 | | - uses: aws-actions/configure-aws-credentials@v4 |
54 | | - with: |
55 | | - role-to-assume: ${{ secrets.KONDUKTO_ROLE_ARN }} |
56 | | - aws-region: us-east-1 |
57 | | - |
58 | | - - name: Login to AWS ECR |
59 | | - env: |
60 | | - aws-access-key-id: ${{ steps.creds.outputs.aws-access-key-id }} |
61 | | - aws-secret-access-key: ${{ steps.creds.outputs.aws-secret-access-key }} |
62 | | - aws-session-token: ${{ steps.creds.outputs.aws-session-token }} |
63 | | - run: | |
64 | | - aws ecr get-login-password --region us-east-1 | \ |
65 | | - docker login --username AWS --password-stdin 901841024863.dkr.ecr.us-east-1.amazonaws.com |
66 | 52 |
|
67 | 53 | - name: Generate SBOM with Silkbomb |
68 | 54 | run: | |
69 | 55 | docker run --rm \ |
70 | 56 | -v "${PWD}:/pwd" \ |
71 | | - "${ARTIFACTORY_IMAGE}" \ |
| 57 | + "${SILKBOMB_IMG}" \ |
72 | 58 | update \ |
73 | 59 | --purls "/pwd/purls.txt" \ |
74 | 60 | --sbom-out "/pwd/sbom_lite.json" |
|
80 | 66 | kondukto_branch="${KONDUKTO_BRANCH_PREFIX}-linux-${arch}" |
81 | 67 | docker run --platform="linux/amd64" -it --rm -v "${PWD}:/pwd" \ |
82 | 68 | -e "KONDUKTO_TOKEN=${KONDUKTO_TOKEN}" \ |
83 | | - "${ARTIFACTORY_IMAGE}" \ |
| 69 | + "${SILKBOMB_IMG}" \ |
84 | 70 | augment \ |
85 | 71 | --sbom-in "/pwd/sbom_lite.json" \ |
86 | 72 | --repo "${KONDUKTO_REPO}" \ |
|
0 commit comments