fix: sbom-generate utilise alpine + install syft (image distroless sans shell)
Some checks failed
ci/woodpecker/push/woodpecker Pipeline failed
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
@@ -38,10 +38,12 @@ steps:
|
|||||||
# Etape 2b : Generation SBOM (Syft) — inventaire des composants des images Docker
|
# Etape 2b : Generation SBOM (Syft) — inventaire des composants des images Docker
|
||||||
# NOTE: volumes: et from_secret incompatibles dans le meme step — pas de secrets ici
|
# NOTE: volumes: et from_secret incompatibles dans le meme step — pas de secrets ici
|
||||||
- name: sbom-generate
|
- name: sbom-generate
|
||||||
image: anchore/syft:latest
|
image: alpine:3.20
|
||||||
volumes:
|
volumes:
|
||||||
- /var/run/docker.sock:/var/run/docker.sock
|
- /var/run/docker.sock:/var/run/docker.sock
|
||||||
commands:
|
commands:
|
||||||
|
- apk add --no-cache curl
|
||||||
|
- curl -sSfL https://raw.githubusercontent.com/anchore/syft/main/install.sh | sh -s -- -b /usr/local/bin latest
|
||||||
- mkdir -p .reports
|
- mkdir -p .reports
|
||||||
- syft prestashop/prestashop:8-apache -o cyclonedx-json --file .reports/sbom-prestashop.cyclonedx.json
|
- syft prestashop/prestashop:8-apache -o cyclonedx-json --file .reports/sbom-prestashop.cyclonedx.json
|
||||||
- syft mariadb:10.11 -o cyclonedx-json --file .reports/sbom-mariadb.cyclonedx.json
|
- syft mariadb:10.11 -o cyclonedx-json --file .reports/sbom-mariadb.cyclonedx.json
|
||||||
|
|||||||
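Review bot: The added install line `curl -sSfL https://raw.githubusercontent.com/anchore/syft/main/install.sh | sh -s -- -b /usr/local/bin latest` pipes a script from the mutable `main` branch into a shell and installs whichever release is current, in a step that also mounts `/var/run/docker.sock`. Any change to that script or release therefore runs with control of the host's Docker daemon. Pin both the script ref and the installed version to a release you have vetted, e.g. `- curl -sSfL https://raw.githubusercontent.com/anchore/syft/<PINNED_TAG>/install.sh | sh -s -- -b /usr/local/bin <PINNED_TAG>` (placeholder tag), and ideally check the installed binary against a checksum kept in this repository. Pinning also keeps the generated SBOMs comparable between runs. The `steps:` list starts outside this hunk, so the other steps were not reviewed.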