Skip to content

fix: revive root component in generated sbom for python pip #122

fix: revive root component in generated sbom for python pip

fix: revive root component in generated sbom for python pip #122

Workflow file for this run

---
name: Stage
env:
# 🖊️ EDIT to change the image build settings.
IMAGE_NAME: exhort-javascript-api
IMAGE_REGISTRY: quay.io/ecosystem-appeng
DOCKERFILE_PATH: ./docker-image/Dockerfiles/Dockerfile
on:
pull_request_target:
types:
- closed
branches:
- main
paths:
- "generated/**"
- "src/**"
- "package-lock.json"
- "package.json"
- "tsconfig.json"
- ".github/workflows/stage.yml"
- "docker-image/**"
jobs:
stage:
runs-on: ubuntu-latest
# Branches that starts with `release/` shouldn't trigger this workflow, as these are triggering the release workflow.
if: github.repository_owner == 'RHEcosystemAppEng' && github.event.pull_request.merged == true && !startsWith(github.head_ref, 'release/')
environment: staging
name: Stage the project
steps:
- name: Checkout sources
uses: actions/checkout@v3
with:
ssh-key: ${{ secrets.DEPLOY_KEY }}
- name: Install node 18
uses: actions/setup-node@v3
with:
node-version: 18
cache: npm
registry-url: 'https://npm.pkg.github.com'
- name: Configure git
run: |
git config user.name "${{ github.actor }}"
git config user.email "${{ github.actor }}@users.noreply.github.com"
- name: Update package with new version
id: bump
run: |
echo "version=$(npm version prerelease --no-git-tag-version --preid ea)" >> "$GITHUB_OUTPUT"
- name: Install project modules
run: npm ci
- name: Compile project
run: npm run compile
- name: Publish package
env:
NODE_AUTH_TOKEN: ${{ secrets.NPM_MAVEN_TOKEN }}
run: npm publish
- name: Commit and push package modifications
run: |
git add package.json
git add package-lock.json
git commit -m "build: updated package with ${{ steps.bump.outputs.version }} [skip ci]"
git push
- name: Create and push new tag
run: |
git tag ${{ steps.bump.outputs.version }} -m "${{ steps.bump.outputs.version }}"
git push origin ${{ steps.bump.outputs.version }}
- name: Create a release
uses: actions/[email protected]
with:
github-token: ${{ secrets.STAGING_PAT }}
script: |
const repo_name = context.payload.repository.full_name
const response = await github.request('POST /repos/' + repo_name + '/releases', {
tag_name: '${{ steps.bump.outputs.version }}',
name: '${{ steps.bump.outputs.version }}',
prerelease: true,
generate_release_notes: true
})
- name: Build Image With buildah
id: build-image
uses: redhat-actions/buildah-build@v2
with:
image: ${{ env.IMAGE_NAME }}
tags: ${{ steps.bump.outputs.version }}
dockerfiles: |
${{ env.DOCKERFILE_PATH }}
build-args: |
PACKAGE_REGISTRY_ACCESS_TOKEN=${{ secrets.PACKAGE_REGISTRY_ACCESS_TOKEN }}
context: docker-image
- name: Push Image To Registry
uses: redhat-actions/push-to-registry@v2
with:
image: ${{ steps.build-image.outputs.image }}
tags: ${{ steps.build-image.outputs.tags }}
registry: ${{ env.IMAGE_REGISTRY }}
username: ${{ secrets.IMAGE_REGISTRY_USER }}
password: ${{ secrets.IMAGE_REGISTRY_PASSWORD }}