included for registry1 and upstream

Signed-off-by: naveensrinivasan <172697+naveensrinivasan@users.noreply.github.com>
defenseunicorns · Mar 31, 2024 · 709caec · 709caec
1 parent 1a7d0d9
commit 709caec
Showing 1 changed file with 7 additions and 3 deletions.
diff --git a/tasks/scanvulnerability.yaml b/tasks/scanvulnerability.yaml
@@ -4,9 +4,12 @@ tasks:
     description: Create a UDS package with configurable flavor and extract the SBOM from all created packages and analyze for vulnerabilities
     actions:
       - cmd: |
-          uds zarf package create . --flavor=upstream --confirm --no-progress -o sbom
-          for file in sbom/*.zst; do
-            uds zarf package inspect "$file" --sbom-out ./sbom --no-progress;
+          flavors=("upstream" "registry1")
+          for flavor in "${flavors[@]}"; do
+            uds zarf package create . --flavor="$flavor" --confirm --no-progress -o sbom
+            for file in sbom/*.zst; do
+              uds zarf package inspect "$file" --sbom-out ./sbom --no-progress;
+            done
           done
           if ! command -v grype &> /dev/null; then
             echo "Grype could not be found, installing..."
@@ -21,3 +24,4 @@ tasks:
             done
           ' sh {} +
           echo "All SBOM files processed and analyzed for vulnerabilities."
+