Closed terriko closed 1 year ago
Took a quick look at this to fill in enough info to mark it as beginner friendly.
The changes will need to go into the update sbom workflow config, which can be found here: https://github.com/intel/cve-bin-tool/blob/main/.github/workflows/sbom.yml
To run something only on the main repo you can use the following logic:
if: github.repository == 'intel/cve-bin-tool'
You can see how that works in the update-cache job here: https://github.com/intel/cve-bin-tool/blob/main/.github/workflows/update-cache.yml
So basically, edit the sbom.yml file to include that if line in the appropriate place, similar to what you find in update-cache.yml.
And because I marked this as a good first issue, here's the new contributor tips:
Short tips for new contributors:
Claiming issues:
I look forward to work on this issue!
Description
Currently, I'm getting a bunch of messages saying that sbom generation failed on a few people's forks. I suspect that we need to change the workflow file so that it only runs the sbom updates on the main repo.
Version/platform info
Running in any particular CI environment we should know about? Github Actions