From b7d2c8dad70800962324ce3995ccc6be9576faa7 Mon Sep 17 00:00:00 2001
From: MD Ashique <noorani.ashique5@gmail.com>
Date: Fri, 4 Aug 2023 16:36:51 +0530
Subject: [PATCH] Adding SBOM generation step (#135) (#136)

Signed-off-by: MD Ashique <noorani.ashique5@gmail.com>
---
 .github/workflows/build.yml | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
index 5a9e2a62..070e8edc 100644
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -106,7 +106,9 @@ jobs:
       - name: Generate SBOM manifest
         if: startsWith(github.ref, 'refs/tags/v')
         run: |
-          ./ManifestGeneratorTask --buildDropPath "build/java/${{ env.REL_VERSION }}" --packageName "Azure Functions Dapr Java Triggers and Bindings" --packageVersion "${{ env.REL_VERSION }}"
+          curl -Lo $RUNNER_TEMP/sbom-tool https://github.com/microsoft/sbom-tool/releases/latest/download/sbom-tool-linux-x64
+          chmod +x $RUNNER_TEMP/sbom-tool
+          $RUNNER_TEMP/sbom-tool generate -b ${{ env.MAVEN_OUTDIR }} -pn "Azure Functions Dapr Java Triggers and Bindings" -pv "${{ env.REL_VERSION }}"
         working-directory: ${{ env.JAVA_LIB_WORKING_DIRECTORY }}
       - name: Upload .Net artifacts
         uses: actions/upload-artifact@master