Skip to content

Simple sanitization in strings used in CLI before logging (#1155) #632

Simple sanitization in strings used in CLI before logging (#1155)

Simple sanitization in strings used in CLI before logging (#1155) #632

name: Publish snapshot of test scan
env:
CD_DETECTOR_EXPERIMENTS: 1
on:
push:
branches:
- main
workflow_dispatch:
permissions:
contents: read
jobs:
build:
runs-on: ${{ matrix.os }}
strategy:
fail-fast: false
matrix:
os: [ubuntu-latest, windows-latest, macos-latest]
steps:
- uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6
- name: Setup .NET Core
uses: actions/setup-dotnet@4d6c8fcf3c8f7a60068d26b594648e99df24cee3 # v4.0.0
- run: dotnet restore
- name: Install Apache Ivy
if: ${{ matrix.os == 'ubuntu-latest' }}
run: curl https://downloads.apache.org/ant/ivy/2.5.2/apache-ivy-2.5.2-bin.tar.gz | tar xOz apache-ivy-2.5.2/ivy-2.5.2.jar > /usr/share/ant/lib/ivy.jar
- name: Install Apache Ivy
if: ${{ matrix.os == 'windows-latest' }}
shell: bash
run: curl https://downloads.apache.org/ant/ivy/2.5.2/apache-ivy-2.5.2-bin.tar.gz | tar xOz apache-ivy-2.5.2/ivy-2.5.2.jar > "$ANT_HOME/lib/ivy.jar"
- name: Install Apache Ivy
if: ${{ matrix.os == 'macos-latest' }}
run: brew install ivy
- name: Make output directory
run: mkdir ${{ github.workspace }}/output
- name: Scan verification repo
working-directory: src/Microsoft.ComponentDetection
run:
dotnet run scan --Verbosity Verbose --SourceDirectory ${{ github.workspace }}/test/Microsoft.ComponentDetection.VerificationTests/resources --Output ${{ github.workspace }}/output
--DockerImagesToScan "docker.io/library/debian@sha256:9b0e3056b8cd8630271825665a0613cc27829d6a24906dc0122b3b4834312f7d,mcr.microsoft.com/cbl-mariner/base/core@sha256:c1bc83a3d385eccbb2f7f7da43a726c697e22a996f693a407c35ac7b4387cd59,docker.io/library/alpine@sha256:1304f174557314a7ed9eddb4eab12fed12cb0cd9809e4c28f29af86979a3c870"
--DetectorArgs DockerReference=EnableIfDefaultOff,SPDX22SBOM=EnableIfDefaultOff,SimplePip=EnableIfDefaultOff
- name: Upload output folder
uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3
with:
name: release-snapshot-output-${{ matrix.os }}
path: ${{ github.workspace }}/output