fix: sbom-generate uses alpine + installs syft (distroless image without a shell)
Some checks failed
ci/woodpecker/push/woodpecker Pipeline failed
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
@@ -38,10 +38,12 @@ steps:
|
||||
# Etape 2b : Generation SBOM (Syft) — inventaire des composants des images Docker
|
||||
# NOTE: volumes: et from_secret incompatibles dans le meme step — pas de secrets ici
|
||||
- name: sbom-generate
|
||||
image: anchore/syft:latest
|
||||
image: alpine:3.20
|
||||
volumes:
|
||||
- /var/run/docker.sock:/var/run/docker.sock
|
||||
commands:
|
||||
- apk add --no-cache curl
|
||||
- curl -sSfL https://raw.githubusercontent.com/anchore/syft/main/install.sh | sh -s -- -b /usr/local/bin latest
|
||||
- mkdir -p .reports
|
||||
- syft prestashop/prestashop:8-apache -o cyclonedx-json --file .reports/sbom-prestashop.cyclonedx.json
|
||||
- syft mariadb:10.11 -o cyclonedx-json --file .reports/sbom-mariadb.cyclonedx.json
|
||||
|
||||
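Review bot: the added `curl -sSfL https://raw.githubusercontent.com/anchore/syft/main/install.sh | sh -s -- -b /usr/local/bin latest` line pipes an unpinned script from the `main` branch into `sh` and asks for `latest`, in a step that also mounts `/var/run/docker.sock`. Any change to that script or to the current syft release therefore runs with access to the host's Docker daemon, and the SBOM output is not reproducible from one pipeline run to the next. Replace `latest` with a fixed syft release tag, fetch `install.sh` from that same tag instead of `main`, and download it to a file first so that a checksum can be verified before it is executed. The same applies to `apk add --no-cache curl`, which is only needed for the install: baking curl and a pinned syft into a small internal image would remove the network fetch from every run. Since the previous `image: anchore/syft:latest` was also floating, pinning by version or digest is worth doing whichever base image is kept.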