GitHub Action

cdxgen

v1.0.0 Latest version

Generate CycloneDX BOM xml file using cdxgen tool for supported projects

Installation

Copy and paste the following snippet into your .yml file.

              

- name: cdxgen
  uses: CycloneDX/cdxgen-action@v1.0.0

Learn more about this action in CycloneDX/cdxgen-action

Introduction

This GitHub Action wraps the cdxgen tool to generate a Software Bill-of-Materials (BOM) for supported projects. Optionally, the generated file can be exported to a Dependency-Track or AppThreat server for further OSS analysis.

Usage

Simple usage: just print the XML to the console

- uses: AppThreat/cdxgen-action@v1

Specify parameters for automatic submission to a Dependency-Track or AppThreat server

- uses: AppThreat/cdxgen-action@v1
  with:
    output: "./reports/bom.xml"
    serverUrl: "https://deptrack.appthreat.io"
    apiKey: ${{ secrets.apiKey }}

Submit to server as well as store artefacts

- uses: AppThreat/cdxgen-action@v1
  with:
    output: "./reports/bom.xml"
    serverUrl: "https://deptrack.appthreat.io"
    apiKey: ${{ secrets.apiKey }}

- uses: actions/upload-artifact@v1
  with:
    name: reports
    path: reports
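
Before the BOM written to ./reports/bom.xml is submitted or archived, a workflow step can check that it is usable. The script below is an added example, not part of cdxgen or this action: the sample BOM is constructed, the function names are hypothetical, and the rule that every component needs a version and a purl is this example's own policy rather than a CycloneDX schema requirement.

```python
"""Sanity-check a CycloneDX XML BOM before it is uploaded (added example)."""
import sys
import xml.etree.ElementTree as ET

# Constructed sample BOM; a real run reads the file named by the action's `output`.
SAMPLE_BOM = """<bom xmlns="http://cyclonedx.org/schema/bom/1.2" version="1">
  <components>
    <component type="library">
      <name>lodash</name>
      <version>4.17.21</version>
      <purl>pkg:npm/lodash@4.17.21</purl>
    </component>
    <component type="library">
      <name>left-pad</name>
      <version></version>
    </component>
  </components>
</bom>"""


def local(tag):
    """Strip the XML namespace so any CycloneDX schema version matches."""
    return tag.rsplit("}", 1)[-1]


def check_bom(xml_text):
    """Return (component_count, problems) for a CycloneDX XML document."""
    root = ET.fromstring(xml_text)
    if local(root.tag) != "bom":
        return 0, ["root element is not <bom>"]
    # Only direct children of <components>, so metadata/component is not counted.
    components = [el for parent in root.iter() if local(parent.tag) == "components"
                  for el in parent if local(el.tag) == "component"]
    problems = [] if components else ["BOM contains no components"]
    for el in components:
        fields = {local(c.tag): (c.text or "").strip() for c in el}
        name = fields.get("name") or "<unnamed>"
        problems += [f"{name}: missing {req}"
                     for req in ("version", "purl") if not fields.get(req)]
    return len(components), problems


if __name__ == "__main__":
    # With a path argument the file is checked; without one, the sample above.
    text = open(sys.argv[1], encoding="utf-8").read() if len(sys.argv) > 1 else SAMPLE_BOM
    count, problems = check_bom(text)
    print(f"{count} components, {len(problems)} problems")
    print("\n".join(f" - {p}" for p in problems))
    sys.exit(1 if problems else 0)
```

Run as a step after the cdxgen step, a non-zero exit fails the job when the BOM is empty or incomplete.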