Code Review
/
releng
/
global-jjb.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
review
|
tree
raw
|
inline
| side by side
Fix: Address submodule update issues
[releng/global-jjb.git]
/
shell
/
sbom-generator.sh
diff --git
a/shell/sbom-generator.sh
b/shell/sbom-generator.sh
index
f3e657b
..
913a639
100644
(file)
--- a/
shell/sbom-generator.sh
+++ b/
shell/sbom-generator.sh
@@
-15,7
+15,7
@@
echo "---> sbom-generator.sh"
set -eu
# Add mvn executable into PATH
set -eu
# Add mvn executable into PATH
-export PATH=$
PATH:${MVN::-4}
+export PATH=$
{MVN::-4}:$PATH
SBOM_LOCATION="/tmp/spdx-sbom-generator-${SBOM_GENERATOR_VERSION}-linux-amd64.tar.gz"
echo "INFO: downloading spdx-sbom-generator version ${SBOM_GENERATOR_VERSION}"
URL="https://github.com/spdx/spdx-sbom-generator/releases/download/${SBOM_GENERATOR_VERSION}/\
SBOM_LOCATION="/tmp/spdx-sbom-generator-${SBOM_GENERATOR_VERSION}-linux-amd64.tar.gz"
echo "INFO: downloading spdx-sbom-generator version ${SBOM_GENERATOR_VERSION}"
URL="https://github.com/spdx/spdx-sbom-generator/releases/download/${SBOM_GENERATOR_VERSION}/\
@@
-25,9
+25,15
@@
if ! wget -nv "${URL}" -O "${SBOM_LOCATION}"; then
echo "wget ${SBOM_GENERATOR_VERSION} failed"
exit 1;
fi
echo "wget ${SBOM_GENERATOR_VERSION} failed"
exit 1;
fi
-tar -xvf "${SBOM_LOCATION}"
+# Extract SBOM bin in SBOM_PATH
+# This is a workaround until the --path flag works
+# https://github.com/opensbom-generator/spdx-sbom-generator/issues/227
+tar -xzf "${SBOM_LOCATION}" -C ${SBOM_PATH}
echo "INFO: running spdx-sbom-generator"
echo "INFO: running spdx-sbom-generator"
-./spdx-sbom-generator "${SBOM_FLAGS:-}" -o "${WORKSPACE}"/m2repo
+cd ${SBOM_PATH}
+./spdx-sbom-generator "${SBOM_FLAGS:-}" -g "$GLOBAL_SETTINGS_FILE" -o "${WORKSPACE}"/archives
+mv "${WORKSPACE}"/archives/bom-Java-Maven.spdx "${WORKSPACE}"/archives/sbom-"${JOB_BASE_NAME}"
+cp "${WORKSPACE}"/archives/sbom-"${JOB_BASE_NAME}" "${WORKSPACE}"/m2repo/sbom-"${JOB_BASE_NAME}"
mv spdx-sbom-generator /tmp/
rm /tmp/spdx*
echo "---> sbom-generator.sh ends"
mv spdx-sbom-generator /tmp/
rm /tmp/spdx*
echo "---> sbom-generator.sh ends"