From da4a304aa27abfc459f0a7d4c008c0e952efd492 Mon Sep 17 00:00:00 2001
From: Surendra Pathak
Date: Thu, 26 Oct 2023 11:08:44 -0700
Subject: [PATCH 1/2] sbomgr SBOM push workflow - Push CDX SBOM from sbomex to Interlynk
---
.github/workflows/sbom.yml | 39 ++++++++++++++++++++++++++++++++++++++
1 file changed, 39 insertions(+)
create mode 100644 .github/workflows/sbom.yml
diff --git a/.github/workflows/sbom.yml b/.github/workflows/sbom.yml
new file mode 100644
index 0000000..650be60
--- /dev/null
+++ b/.github/workflows/sbom.yml
@@ -0,0 +1,39 @@
+name: Build and Push SBOM to Interlynk
+
+on:
+  push:
+    branches:
+      - main # Adjust to your main branch name
+  pull_request:
+    branches:
+      - main # Adjust to your main branch name
+
+jobs:
+  build-sbom:
+    name: SBOM build and Push to Platform
+    runs-on: ubuntu-latest
+    permissions:
+      id-token: write
+      contents: write
+    steps:
+      - name: Checkout Repository
+        uses: actions/checkout@v3
+        with:
+          fetch-depth: 0
+      - name: Download syft binary
+        run: curl -sSfL https://raw.githubusercontent.com/anchore/syft/main/install.sh | sh -s -- -b /usr/local/bin
+      - name: Run syft
+        run: syft version
+      - name: Get Tag
+        id: get_tag
+        run: echo "tag=$(git describe --tags HEAD)" > $GITHUB_ENV
+      - name: Build SBOM
+        run: |
+          syft --source-name 'sbomex' --source-version ${{ env.tag }} --exclude ./public -o cyclonedx-json --file sbomex.cdx.json .
+      - name: Upload SBOM
+        run: |
+          curl -v "https://api.interlynk.io/lynkapi" \
+          -H "Authorization: Bearer ${{ secrets.INTERLYNK_SECURITY_TOKEN }}" \
+          -F 'operations={"query":"mutation uploadSbom($doc: Upload!, $projectId: ID!) { sbomUpload(input: { doc: $doc, projectId: $projectId }) { errors } }","variables":{"doc":null,"projectId": "${{ vars.INTERLYNK_PRODUCT_ID }}" }}' \
+          -F 'map={"0":["variables.doc"]}' \
+          -F '0=@"sbomex.cdx.json";type=application/json'
From 585ee3dac1feab78fe79e26bfbf2712f3efb854f Mon Sep 17 00:00:00 2001
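Review bot: The Upload SBOM step cannot fail on a rejected upload — `curl -v` runs without `--fail`, so a 401/4xx from the API (expired token, wrong project id) still leaves the job green, and `-v` also echoes the request headers, including the Authorization line, into the job log even if GitHub's masking happens to catch the token value; use `curl -sS --fail-with-body "https://api.interlynk.io/lynkapi" \`. In the Get Tag step, `> $GITHUB_ENV` truncates the file and discards anything an earlier step exported; it should be `run: echo "tag=$(git describe --tags HEAD)" >> "$GITHUB_ENV"`. The Build SBOM step interpolates `${{ env.tag }}`, a ref-derived string, directly into the shell script; since the value is already exported through GITHUB_ENV, `--source-version "$tag"` reads it as a quoted shell variable instead of evaluating it as script text. The job's `permissions` grant `contents: write` and `id-token: write` although no step pushes to the repository or requests an OIDC token, so `contents: read` alone is sufficient. `actions/checkout@v3` and the syft installer fetched from the `main` branch are both unpinned; pinning the action to a commit SHA and passing a syft release version to the installer would make the toolchain reproducible.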
From: Surendra Pathak
Date: Thu, 26 Oct 2023 11:10:20 -0700
Subject: [PATCH 2/2] Update sbom.yml
Update workflow trigger
---
.github/workflows/sbom.yml | 9 +++------
1 file changed, 3 insertions(+), 6 deletions(-)
diff --git a/.github/workflows/sbom.yml b/.github/workflows/sbom.yml
index 650be60..adcc3c0 100644
--- a/.github/workflows/sbom.yml
+++ b/.github/workflows/sbom.yml
@@ -1,12 +1,9 @@
 name: Build and Push SBOM to Interlynk
 
 on:
-  push:
-    branches:
-      - main # Adjust to your main branch name
-  pull_request:
-    branches:
-      - main # Adjust to your main branch name
+  release:
+    types:
+      - created
 
 jobs:
   build-sbom:
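Review bot: `release.types: [created]` does not fire when a release is first saved as a draft and later published, so releases that go through the draft flow never get an SBOM uploaded; GitHub's guidance for this case is `published`, i.e. `types:` / `- published`. With a release-only trigger the tag is also available as `github.event.release.tag_name`, which would let the Get Tag step stop depending on `git describe --tags HEAD` and the checkout drop `fetch-depth: 0`, but those lines are outside this hunk. Dropping `pull_request` also means the secret-bearing upload no longer runs for pull requests from forks, which is a sound reduction of exposure.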