Commit ca916d2
feat: auto-upload SBOM artifacts from post step
SBOM files are written by cimon after the build finishes, but the
container snapshot calls (dpkg, symlinks, cmake versions) add latency.
User upload-artifact steps that run immediately after the build may
not find the SBOM files yet.
The post step runs cimon agent stop which guarantees all SBOMs are
flushed to disk before returning. Upload SBOM files as a `cimon-sbom`
artifact directly from the post step, removing the need for users to
add their own upload step with timing hacks.
The upload is best-effort: errors produce a warning but never fail the
workflow. Non-SBOM workflows are unaffected (no files to upload = no-op).
Also adds @actions/artifact@2 dependency.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>1 parent c3e04e9 commit ca916d2
4 files changed
Lines changed: 129325 additions & 2913 deletions
0 commit comments