fix: ensure sbom is copied to output-file

Before this, the sbom file would only be copied to `output-file` if `upload-artifact` is true. However, the file may still be useful if upload is not enabled.
anchore · Apr 10, 2023 · e364f71 · e364f71
1 parent 642f63c
commit e364f71
Showing 1 changed file with 8 additions and 13 deletions.
diff --git a/src/github/SyftGithubAction.ts b/src/github/SyftGithubAction.ts
@@ -269,24 +269,14 @@ export function getSha(): string {
 
 /**
  * Uploads a SBOM as a workflow artifact
- * @param contents SBOM file contents
+ * @param filePath path to the SBOM file
  */
-export async function uploadSbomArtifact(contents: string): Promise<void> {
+export async function uploadSbomArtifact(filePath: string): Promise<void> {
   const { repo } = github.context;
   const client = getClient(repo, core.getInput("github-token"));
-
   const fileName = getArtifactName();
-
-  const filePath = `${tempDir}/${fileName}`;
-  fs.writeFileSync(filePath, contents);
-
   const retentionDays = parseInt(core.getInput("upload-artifact-retention"));
 
-  const outputFile = core.getInput("output-file");
-  if (outputFile) {
-    fs.copyFileSync(filePath, outputFile);
-  }
-
   core.info(dashWrap("Uploading workflow artifacts"));
   core.info(filePath);
 
@@ -384,8 +374,13 @@ export async function runSyftAction(): Promise<void> {
       core.debug(`Prior artifact: ${priorArtifact}`);
     }
 
+    const outputFile = core.getInput("output-file");
+    if (outputFile) {
+        fs.writeFileSync(outputFile, contents);
+    }
+
     if (doUpload) {
-      await uploadSbomArtifact(output);
+      await uploadSbomArtifact(outputFile);
 
       core.exportVariable(PRIOR_ARTIFACT_ENV_VAR, getArtifactName());
     }