forked from espressif/esp-idf
feat(ci): pass SBOM_CHECK_LOCAL_DB to esp-idf-sbom-action
esp-idf-sbom offers two ways to perform vulnerability scanning. The primary method, which is the default, uses the NVD REST API. The alternative method uses the esp-nvd-mirror repository. If there are issues with accessing the NVD REST API, it can be useful to switch to the esp-nvd-mirror easily. Allow setting the SBOM_CHECK_LOCAL_DB GitHub repository variable to switch to esp-nvd-mirror.

Signed-off-by: Frantisek Hrbata <frantisek.hrbata@espressif.com>
1
.github/workflows/vulnerability_scan.yml
vendored
@@ -27,6 +27,7 @@ jobs:
|
||||
|
||||
- name: Vulnerability scan
|
||||
env:
|
||||
SBOM_CHECK_LOCAL_DB: ${{ vars.SBOM_CHECK_LOCAL_DB }}
|
||||
SBOM_MATTERMOST_WEBHOOK: ${{ secrets.SBOM_MATTERMOST_WEBHOOK }}
|
||||
NVDAPIKEY: ${{ secrets.NVDAPIKEY }}
|
||||
uses: espressif/esp-idf-sbom-action@master
|
||||
|
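Review bot: On the added `SBOM_CHECK_LOCAL_DB: ${{ vars.SBOM_CHECK_LOCAL_DB }}` line in the `env:` block, an unset repository variable expands to an empty string, so the action receives the variable set but empty rather than absent. Please confirm that the action treats an empty value as the NVD REST API default, and add a short comment in the workflow stating which value selects esp-nvd-mirror, since neither the diff nor the commit message says. Separately, this step passes `NVDAPIKEY` and `SBOM_MATTERMOST_WEBHOOK` to `espressif/esp-idf-sbom-action@master`, which is a mutable ref; pinning to a tag or commit SHA would keep the code that receives those secrets fixed.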