2023-01-18 11:33:10 -05:00
|
|
|
name: Install Syft & Grype
|
|
|
|
description: Installs Syft & Grype.
|
|
|
|
runs:
|
|
|
|
using: "composite"
|
|
|
|
steps:
|
|
|
|
- name: Install Syft & Grype
|
|
|
|
shell: bash
|
|
|
|
working-directory: /tmp
|
|
|
|
env:
|
2023-02-22 08:17:02 -05:00
|
|
|
SYFT_VERSION: "0.72.0"
|
|
|
|
GRYPE_VERSION: "0.57.1"
|
2023-01-18 11:33:10 -05:00
|
|
|
OS: ${{ runner.os }}
|
|
|
|
ARCH: ${{ runner.arch }}
|
|
|
|
run: |
|
|
|
|
echo "::group::Download and Install Syft & Grype"
|
|
|
|
# Translate GitHub runner naming conventions to GOOS / GOARCH conventions
|
|
|
|
if [[ "${OS}" = "macOS" ]]; then
|
|
|
|
OS="darwin"
|
|
|
|
else
|
|
|
|
OS=${OS,,}
|
|
|
|
fi
|
2023-02-22 08:17:02 -05:00
|
|
|
|
2023-01-18 11:33:10 -05:00
|
|
|
if [[ "${ARCH}" = "X64" ]]; then
|
|
|
|
ARCH="amd64"
|
|
|
|
else
|
|
|
|
ARCH=${ARCH,,}
|
|
|
|
fi
|
2023-02-22 08:17:02 -05:00
|
|
|
|
2023-01-18 11:33:10 -05:00
|
|
|
echo "Downloading for ${OS}/${ARCH}"
|
2023-02-22 08:17:02 -05:00
|
|
|
|
2023-01-18 11:33:10 -05:00
|
|
|
curl -fsSLo syft_${SYFT_VERSION}_${OS}_${ARCH}.tar.gz https://github.com/anchore/syft/releases/download/v${SYFT_VERSION}/syft_${SYFT_VERSION}_${OS}_${ARCH}.tar.gz
|
|
|
|
tar -xzf syft_${SYFT_VERSION}_${OS}_${ARCH}.tar.gz
|
|
|
|
sudo install syft /usr/bin/syft
|
|
|
|
curl -fsSLo grype_${GRYPE_VERSION}_${OS}_${ARCH}.tar.gz https://github.com/anchore/grype/releases/download/v${GRYPE_VERSION}/grype_${GRYPE_VERSION}_${OS}_${ARCH}.tar.gz
|
|
|
|
tar -xzf grype_${GRYPE_VERSION}_${OS}_${ARCH}.tar.gz
|
|
|
|
sudo install grype /usr/bin/grype
|
2023-03-07 08:48:50 -05:00
|
|
|
|
|
|
|
echo "::endgroup::"
|
|
|
|
syft version
|
2023-01-18 11:33:10 -05:00
|
|
|
grype version
|