cleanup, get syft working

Signed-off-by: Joe Eltgroth <jeltgroth@vmware.com>
vmware-tanzu · Aug 16, 2023 · f2d8a83 · f2d8a83
1 parent 4c784e0
commit f2d8a83
Show file tree

Hide file tree

Showing 3 changed files with 4 additions and 23 deletions.
diff --git a/.github/actions/srp-helper/publish-container/action.yml b/.github/actions/srp-helper/publish-container/action.yml
@@ -10,32 +10,17 @@ inputs:
   client-secret:
     description: 'Client Secret associated with your CSP org'
     required: true
-  build-type:
-    description: 'Name of the built type to be stored in source provenance'
-    default: release
-    required: true
-  scm-type:
-    description: 'SCM type of the processed repos'
-    default: git
-    required: true
   buildpack:
     description: 'Language of buildpack'
     required: true
 
-#outputs:
-#  provenance-file:
-#    description: "SRP Provenance file"
-#    value: ${{ steps.publish-container.outputs.provenance-file }}
-
 runs:
   using: "composite"
   steps:
     - id: publish
       env:
         CLIENT_ID: ${{ inputs.client-id }}
         CLIENT_SECRET: ${{ inputs.client-secret }}
-        BUILD_TYPE: ${{ inputs.build-type }}
-        SCM_TYPE: ${{ inputs.scm-type }}
         BUILDPACK: ${{ inputs.buildpack }}
         VES_DOCKER: /usr/bin/docker
       run: ${{ github.action_path }}/publish.sh

diff --git a/.github/actions/srp-helper/publish-container/publish.sh b/.github/actions/srp-helper/publish-container/publish.sh
@@ -25,30 +25,26 @@ srp provenance action import-cmd --cmd "make base_url=$url registry.location=oth
 observer_agent -m start_observer -e "${SRP_WORKING_DIR}"/required-envs.sh -S
 source "${SRP_WORKING_DIR}"/required-envs.sh set
 
-echo "VES_DOCKER set to $VES_DOCKER"
-
 make base_url=$url registry.location=other REGISTRY=$registry $target
 
 source "${SRP_WORKING_DIR}"/required-envs.sh unset
 rm "${SRP_WORKING_DIR}/required-envs.sh"
 observer_agent -m stop_observer -f network_provenance.json
 
-key="${registry}/${buildpack}-buildpack:${version}"
+key="${registry}/${BUILDPACK}-buildpack:${version}"
 echo "key set to ${key}"
 action="publish"
-image="${registry}/${buildpack}-buildpack:${version}"
+image="${registry}/${BUILDPACK}-buildpack:${version}"
 srp provenance add-output docker \
     	--set-key="${key}" \
     	--action-key="${action}" \
     	--name="${image%%@*}" \
     	--location="${image%%@*}" \
     	--digest="${image##*@}"
 
-srp provenance add-input syft --output-key="${key}"
+srp provenance add-input syft --scan-target="${key}" --output-key="${key}"
 
 srp provenance action import-observation --name="publish" --file=network_provenance.json
 srp provenance action stop
 
 cat "${SRP_WORKING_DIR}"/_provenance.json
-
-#echo "::set-output name=provenance-file::${SRP_WORKING_DIR}/_provenance.json"
diff --git a/.github/workflows/create-buildpack-release.yaml b/.github/workflows/create-buildpack-release.yaml
@@ -78,8 +78,8 @@ jobs:
         with:
           client-id: ${{ secrets.SRP_CLIENT_ID }}
           client-secret: ${{ secrets.SRP_CLIENT_SECRET }}
-        env:
           buildpack: ${{ github.event.inputs.buildpack }}
+        env:
           url: ${{ env.DEPENDENCY_BASE_URL }}
           registry: "${{ env.REGISTRY }}/${{ env.CONTAINER_PATH }}"
           target: "buildpacks.${{ github.event.inputs.buildpack }}.images.publish"