From 54ffd99cdd189b67ebff5d5c8567fcbef78ae630 Mon Sep 17 00:00:00 2001
From: Sara Tasche <sara.dolores.tasche@gmail.com>
Date: Wed, 6 Mar 2024 14:53:56 +0100
Subject: [PATCH] Create anchore-syft.yml

Signed-off-by: Sara Tasche <sara.dolores.tasche@gmail.com>
---
 .github/workflows/anchore-syft.yml | 18 ++++++++++++++++++
 1 file changed, 18 insertions(+)
 create mode 100644 .github/workflows/anchore-syft.yml

diff --git a/.github/workflows/anchore-syft.yml b/.github/workflows/anchore-syft.yml
new file mode 100644
index 0000000..ab0eff8
--- /dev/null
+++ b/.github/workflows/anchore-syft.yml
@@ -0,0 +1,18 @@
+run-name: "Generate and Upload SBOM"
+on: [push, pull_request, workflow_dispatch]
+
+jobs:
+  runs-on: ubuntu-latest
+    - steps:
+      - name: Checkout Repository
+        uses: actions/checkout@v4
+      
+      - name: Generate SBOM
+        id: sbom_generation
+        uses: codenotary/sbom.sh-create@main
+        with:
+          scan_type: 'grypefs'
+          target: '.' # Assuming you want to scan the entire repository
+  
+      - name: Output SBOM URL
+        run: echo "The SBOM can be found at $SBOM_SHARE_URL"