This GitHub action wraps the cdxgen tool for generating Software Bill-of-Materials (BOM) for supported projects. Optionally, the generated file can be exported to dependency track or AppThreat server for further oss analysis.
Simple usage, just print the xml to the console
uses: AppThreat/cdxgen-action@v1Specifiy parameters for automatic submission to a dependency track or AppThreat server
- uses: AppThreat/cdxgen-action@v1
with:
output: "./reports/bom.xml"
serverUrl: "https://deptrack.appthreat.io"
apiKey: ${{ secrets.apiKey }}Submit to server as well as store artefacts
- uses: AppThreat/cdxgen-action@v1
with:
output: "./reports/bom.xml"
serverUrl: "https://deptrack.appthreat.io"
apiKey: ${{ secrets.apiKey }}
- uses: actions/upload-artifact@v1
with:
name: reports
path: reports