Skip to content
This repository has been archived by the owner on Aug 2, 2023. It is now read-only.
/ cdxgen-action Public archive
generated from actions/javascript-action

GitHub action for CycloneDX BOM generator (cdxgen). cdxgen produced bom xml file can be uploaded to dependency track, AppThreat and other commercial Software Composition Analysis (SCA) products

License

Notifications You must be signed in to change notification settings

CycloneDX/cdxgen-action

Use this GitHub action with your project
Add this Action to an existing workflow or create a new one
View on Marketplace

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

15 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Introduction

This GitHub action wraps the cdxgen tool for generating Software Bill-of-Materials (BOM) for supported projects. Optionally, the generated file can be exported to dependency track or AppThreat server for further oss analysis.

Usage

Simple usage, just print the xml to the console

uses: AppThreat/cdxgen-action@v1

Specifiy parameters for automatic submission to a dependency track or AppThreat server

- uses: AppThreat/cdxgen-action@v1
  with:
    output: "./reports/bom.xml"
    serverUrl: "https://deptrack.appthreat.io"
    apiKey: ${{ secrets.apiKey }}

Submit to server as well as store artefacts

- uses: AppThreat/cdxgen-action@v1
  with:
    output: "./reports/bom.xml"
    serverUrl: "https://deptrack.appthreat.io"
    apiKey: ${{ secrets.apiKey }}

- uses: actions/upload-artifact@v1
  with:
    name: reports
    path: reports

About

GitHub action for CycloneDX BOM generator (cdxgen). cdxgen produced bom xml file can be uploaded to dependency track, AppThreat and other commercial Software Composition Analysis (SCA) products

Topics

Resources

License

Code of conduct

Security policy

Stars

Watchers

Forks

Packages

No packages published