feat: add sbom to CI #35

	# This workflow will build and test a .NET project
	# For more information see: https://docs.github.com/en/actions/automating-builds-and-tests/building-and-testing-net

	name: CI

	on:
	pull_request:
	branches:
	- '**'
	push:
	branches: ["main"]
	workflow_dispatch:

	defaults:
	run:
	working-directory: ./FundParser

	jobs:
	build:
	runs-on: ubuntu-latest

	steps:
	- uses: actions/checkout@v4
	- name: Setup .NET
	uses: actions/setup-dotnet@v4
	with:
	dotnet-version: 8.0.x
	- name: Restore dependencies
	run: dotnet restore
	- name: Build
	run: dotnet build --no-restore

	test:
	needs: build
	runs-on: ubuntu-latest

	steps:
	- uses: actions/checkout@v4
	- name: Setup .NET
	uses: actions/setup-dotnet@v4
	with:
	dotnet-version: 8.0.x
	- name: Restore dependencies
	run: dotnet restore
	- name: Build
	run: dotnet build --no-restore
	- name: Test
	run: dotnet test --no-build --verbosity normal

	sbom:
	needs: build
	runs-on: ubuntu-latest

	steps:
	- uses: actions/checkout@v4
	- name: Setup .NET
	uses: actions/setup-dotnet@v4
	with:
	dotnet-version: 8.0.x

	- name: Build
	run: dotnet build --output buildOutput

	- name: Generate SBOM
	run: \|
	curl -Lo $RUNNER_TEMP/sbom-tool https://github.com/microsoft/sbom-tool/releases/latest/download/sbom-tool-linux-x64
	chmod +x $RUNNER_TEMP/sbom-tool
	$RUNNER_TEMP/sbom-tool generate -b ./buildOutput -bc . -pn Test -pv 1.0.0 -ps OrangeTeam -V Verbose

	- name: Upload a Build Artifact
	uses: actions/upload-artifact@v3.1.0
	with:
	path: ./FundParser/buildOutput

Provide feedback