Skip to content

Merge pull request #101 from philips-software/dependabot/github_actio… #245

Merge pull request #101 from philips-software/dependabot/github_actio…

Merge pull request #101 from philips-software/dependabot/github_actio… #245

Workflow file for this run

name: Test github action for merging SPDX
on:
push:
jobs:
test-action:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # ratchet:actions/[email protected]
- name: Test merging SPDX JSON format files
uses: ./
with:
docpath: ${{github.workspace}}/test/json/input
name: sample-sbom-json
mergetype: "1" # 0 shallow merge, 1 deep merge
author: "ci/cd build pipeline"
email: "[email protected]"
docnamespace: "https://philips.example.com"
filetype: "J" # J JSON, T for SPDX tag value format
- name: Check result for JSON format
run: |
# Ignore field created since it contains a created at timestamp
diff -I"created" merged-SBoM-deep.json ${{github.workspace}}/test/json/output/result.json
- name: Test merging SPDX Tag value format files
uses: ./
with:
docpath: ${{github.workspace}}/test/spdx/input
name: sample-sbom-spdx
mergetype: "0" # 0 shallow merge, 1 deep merge
author: "ci/cd build pipeline"
email: "[email protected]"
docnamespace: "https://philips.example.com"
filetype: "T" # J JSON, T for SPDX tag value format
- name: Check result for SPDX tag value format
run: |
# Ignore field created since it contains a created at timestamp
diff -I"Created" merged-SBoM-shallow.spdx ${{github.workspace}}/test/spdx/output/result.spdx