Annotate_vdr: fix reading metadata.get("tools", {}).get("components", {}), create vdr file in report folder #853

Workflow file for this run

.github/workflows/gobintests.yml at b65fc30

	name: binary and nydus tests

	on:
	pull_request:
	workflow_dispatch:
	concurrency:
	group: ${{ github.workflow }}-${{ github.head_ref \|\| github.run_id }}
	cancel-in-progress: true
	jobs:
	build:
	runs-on: ubuntu-latest
	strategy:
	matrix:
	python-version: ['3.10', '3.11', '3.12', '3.13']
	fail-fast: true
	steps:
	- uses: actions/checkout@v4
	- name: Install uv
	uses: astral-sh/setup-uv@v5
	with:
	python-version: ${{ matrix.python-version }}
	- name: Trim CI agent
	run: \|
	chmod +x contrib/free_disk_space.sh
	./contrib/free_disk_space.sh
	- uses: oras-project/setup-oras@v1
	- name: setup nydus
	run: \|
	curl -LO https://github.com/dragonflyoss/nydus/releases/download/v2.3.1/nydus-static-v2.3.1-linux-amd64.tgz
	tar -xvf nydus-static-v2.3.1-linux-amd64.tgz
	chmod +x nydus-static/*
	mv nydus-static/* /usr/local/bin/
	rm -rf nydus-static-v2.3.1-linux-amd64.tgz nydus-static
	- name: Display Python version
	run: python -c "import sys; print(sys.version)"
	- name: Install dependencies
	run: \|
	uv sync --all-extras --all-packages --dev
	npm install -g @cyclonedx/cdxgen
	- name: Test binaries
	run: \|
	mkdir -p ${RUNNER_TEMP}/bintests ${RUNNER_TEMP}/blintdb
	curl -LO https://github.com/pkgforge/soar/releases/download/v0.5.13/soar-x86_64-linux
	chmod +x soar-x86_64-linux
	mv soar-x86_64-linux /usr/local/bin/soar
	soar install altair
	soar install rclone
	soar install rustscan
	uv run depscan --no-banner --src ${HOME}/.local/share/soar/bin --reports-dir ${GITHUB_WORKSPACE}/bintests -t binary
	ls -lh ${GITHUB_WORKSPACE}/bintests
	rm -rf ${HOME}/.local/share/soar ${VDB_HOME} ${RUNNER_TEMP}/cdxgen-temp
	env:
	BLINTDB_IMAGE_URL: "ghcr.io/appthreat/blintdb-meson:v1"
	BLINTDB_HOME: ${{ runner.temp }}/blintdb
	VDB_HOME: ${{ runner.temp }}/vdb_data_bin
	CDXGEN_TEMP_DIR: ${{ runner.temp }}/cdxgen-temp
	SCAN_DEBUG_MODE: debug
	- name: setup nydus
	run: \|
	mkdir -p $VDB_HOME
	RAFS_OUT=rafs_out
	oras pull ghcr.io/appthreat/vdb:v5-rafs -o $RAFS_OUT
	nydus-image unpack --blob $RAFS_OUT/data.rafs --output $VDB_HOME/vdb.tar --bootstrap $RAFS_OUT/meta.rafs
	tar -C $VDB_HOME -xf $VDB_HOME/vdb.tar
	rm $VDB_HOME/vdb.tar
	env:
	VDB_HOME: ${{ runner.temp }}/vdb_data_nydus
	- name: Test with nydus
	run: \|
	uv run depscan --no-banner --src ubuntu:latest --reports-dir ${GITHUB_WORKSPACE}/containertests -t docker
	rm -rf ${RUNNER_TEMP}/vdb_data_nydus ${RUNNER_TEMP}/cdxgen-temp
	docker rmi ubuntu:latest
	env:
	GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
	VDB_HOME: ${{ runner.temp }}/vdb_data_nydus
	CDXGEN_TEMP_DIR: ${{ runner.temp }}/cdxgen-temp
	- name: Test without nydus
	run: \|
	uv run depscan --no-banner --src ubuntu:latest --reports-dir ${GITHUB_WORKSPACE}/containertests -t docker
	docker rmi ubuntu:latest
	env:
	GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
	CDXGEN_TEMP_DIR: ${{ runner.temp }}/cdxgen-temp

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Uh oh!

Annotate_vdr: fix reading metadata.get("tools", {}).get("components", {}), create vdr file in report folder #853

Workflow file

Annotate_vdr: fix reading metadata.get("tools", {}).get("components", {}), create vdr file in report folder #853

Uh oh!

Jobs

Run details

Workflow file for this run