Merge pull request #1 from ivanvanderbyl/ensignia/add-baseline-workflow #2

	name: Ensignia
	on:
	pull_request:
	push:
	branches:
	- main

	env:
	ENSIGNIA_API_HOST: https://staging-control-plane.ensignia.dev

	jobs:
	sbom:
	name: Ensignia Security Scan
	runs-on: ubuntu-latest
	permissions:
	contents: read
	id-token: write
	steps:
	- uses: actions/checkout@v3
	- uses: ensigniasec/[email protected]

	- name: Generate SBOM
	run: syft -q packages dir:./ -o spdx-json > build.spdx-sbom.json

	- uses: actions/upload-artifact@v4
	with:
	name: build.spdx-sbom.json
	path: build.spdx-sbom.json

	- name: Upload SBOM
	run: sigctl submit ./build.spdx-sbom.json

Provide feedback