fix: sbom-generate — version syft hardcodée dans l'URL (env non expansé)
ci/woodpecker/push/woodpecker Pipeline was successful
ci/woodpecker/push/woodpecker Pipeline was successful
Les variables environment: Woodpecker ne sont pas expansées dans les commandes shell YAML. Version v1.42.3 écrite directement dans l'URL. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
syoul
+1
-3
@@ -51,11 +51,9 @@ steps:
|
|||||||
image: alpine:3.20
|
image: alpine:3.20
|
||||||
volumes:
|
volumes:
|
||||||
- /var/run/docker.sock:/var/run/docker.sock
|
- /var/run/docker.sock:/var/run/docker.sock
|
||||||
environment:
|
|
||||||
SYFT_VERSION: "1.42.3"
|
|
||||||
commands:
|
commands:
|
||||||
- apk add --no-cache curl tar
|
- apk add --no-cache curl tar
|
||||||
- curl -sSfL "https://github.com/anchore/syft/releases/download/v${SYFT_VERSION}/syft_${SYFT_VERSION}_linux_amd64.tar.gz" | tar xz -C /usr/local/bin syft
|
- curl -sSfL "https://github.com/anchore/syft/releases/download/v1.42.3/syft_1.42.3_linux_amd64.tar.gz" | tar xz -C /usr/local/bin syft
|
||||||
- mkdir -p .reports
|
- mkdir -p .reports
|
||||||
- syft packages docker:g1flux:latest -o cyclonedx-json=.reports/sbom-app.cyclonedx.json
|
- syft packages docker:g1flux:latest -o cyclonedx-json=.reports/sbom-app.cyclonedx.json
|
||||||
- echo "SBOM genere"
|
- echo "SBOM genere"
|
||||||
|
|||||||
Reference in New Issue
Block a user