mrbusche.com

Things I've learned

Book Notes - GitHub Actions in Action

by Matt Busche on

GitHub Actions in Action

Generating an SBOM using the Microsoft SBOM tool

name: Generate SBOM
  run: |
    curl -Lo $RUNNER_TEMP/sbom-tool https://github.com/microsoft/sbomtool/releases/latest/download/sbom-tool-linux-x64
    chmod +x $RUNNER_TEMP/sbom-tool
    $RUNNER_TEMP/sbom-tool generate -b ./buildOutput -bc . -pn Test -pv 1.0.0 -ps mycompany -nsb https://sbom.mycompany.com -V Verbose

Job summaries

Here is an example that adds Markdown and plain HTML to the job summary:
  - run: echo '### Hello world! :rocket:' >> $GITHUB_STEP_SUMMARY
  - run: echo '### Love this feature! :medal_sports:' >> $GITHUB_STEP_SUMMARY
  - run: echo '<h1>Great feature!</h1>' >> $GITHUB_STEP_SUMMARY

Built-in functions in GitHub for expressions

toJSON()
fromJSON()
hashFiles()
contains(search, item)
startsWith()
endsWith()
format() // replaces values in string

Functions to check status of workflow job

success()
always()
cancelled()
failure()

Chaining workflow jobs

job_1:

job_2:
  needs: job_1
Matt Busche's Picture

About Matt Busche

Software Engineer and Wheel of Fortune Expert If this article helped you, please consider buying me a book.

Des Moines, IA https://www.mrbusche.com