https://github.com/espressif/esp-idf-sbom-action

https://github.com/espressif/esp-idf-sbom-action

ci espressif github-actions

Last synced: 3 months ago
JSON representation

• Host: GitHub
• URL: https://github.com/espressif/esp-idf-sbom-action
• Owner: espressif
• License: apache-2.0
• Created: 2023-12-04T11:29:57.000Z (about 1 year ago)
• Default Branch: master
• Last Pushed: 2024-06-19T12:31:36.000Z (7 months ago)
• Last Synced: 2024-09-29T14:53:57.870Z (3 months ago)
• Topics: ci, espressif, github-actions
• Language: Python
• Homepage:
• Size: 13.7 KB
• Stars: 0
• Watchers: 7
• Forks: 1
• Open Issues: 0
• Metadata Files:
  • Readme: README.md
  • License: LICENSE

Awesome Lists containing this project

README

        
# ESP IDF SBOM Vulnerability Scan Action

This action scans manifest files with CPE info in repository for possible

vulnerabilities and optionaly sends message to a Mattermost channel.

## Secrets

## `SBOM_MATTERMOST_WEBHOOK`

If the `SBOM_MATTERMOST_WEBHOOK` environment variable is set and not null, a

brief status message containing the job link will automatically be dispatched

to the Mattermost webhook. Author of the message is set as

`${GITHUB_REPOSITORY}@${INPUT_REF:-$GITHUB_REF_NAME}`, where `INPUT_REF` may

be set via action inputs.

## Inputs

## `ref`

Reference name. If not set `GITHUB_REF_NAME` is used by default. Can be used

to explicitly set the reference in the Mattermost message user name.

## Outputs

## `vulnerable`

Set to 1 if vulnerability was found, 0 otherwise.

## Example usage

    jobs:

      vulnerability-scan:

        name: Vulnerability scan

        runs-on: ubuntu-latest

        steps:

          - name: Checkout repository

            uses: actions/checkout@v4

          - name: Vulnerability scan

            env:

              SBOM_MATTERMOST_WEBHOOK: ${{ secrets.SBOM_MATTERMOST_WEBHOOK }}

            uses: espressif/esp-idf-sbom-action@master