chore: bump version to v37.0.0 for release (#2091) #19
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Generate SBOMS | |
| on: | |
| workflow_dispatch: | |
| push: | |
| tags: | |
| - "v*.*.*" | |
| env: | |
| INPUTS_PATH: scancode-inputs | |
| jobs: | |
| generate-sboms: | |
| runs-on: ubuntu-24.04 | |
| permissions: | |
| contents: read | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 | |
| with: | |
| persist-credentials: false # do not keep the token around | |
| - name: Ensure INPUTS_PATH directory exists | |
| run: mkdir -p "${{ env.INPUTS_PATH }}" | |
| - name: Build the Docker image from local Dockerfile | |
| run: docker build -t local-image . | |
| - name: Run pip freeze inside the built Docker container | |
| run: docker run --rm local-image pip freeze --all --exclude scancodeio > "${{ env.INPUTS_PATH }}/requirements.txt" | |
| - name: Collect all .ABOUT files in the scancodeio/ directory | |
| run: | | |
| mkdir -p "${{ env.INPUTS_PATH }}/about-files" | |
| find scancodeio/ -type f -name "*.ABOUT" -exec cp {} "${{ env.INPUTS_PATH }}/about-files/" \; | |
| - name: Resolve the dependencies using ScanCode-action | |
| uses: aboutcode-org/scancode-action@8adbf888f487c3cdf6c15386035769cd03a94c66 | |
| with: | |
| pipelines: "resolve_dependencies:DynamicResolver" | |
| inputs-path: ${{ env.INPUTS_PATH }} | |
| scancodeio-repo-branch: main |