Removing duplicate composer setup and aggregating actions in composite step

ekovalets · ekovalets · commit 91b6a19c89ce · 2025-12-17T05:31:35.000Z
diff --git a/.github/actions/sbom-update/action.yml b/.github/actions/sbom-update/action.yml
@@ -9,13 +9,18 @@ inputs:
 runs:
   using: composite
   steps:
+    - name: Allow CycloneDX plugin
+      shell: bash
+      run: ./composer config allow-plugins.cyclonedx/cyclonedx-php-composer true
+    - name: Install CycloneDX plugin
+      shell: bash
+      run: ./composer require --dev cyclonedx/cyclonedx-php-composer --ignore-platform-reqs
     - name: Generate SBOM
       shell: bash
       working-directory: ${{ inputs.working-directory }}
       run: |
         echo "Generating SBOM for 'php' project..."
-        ./composer CycloneDX:make-sbom --output-file=sbom.json --output-format=json --spec-version=1.5
-
+        ./composer CycloneDX:make-sbom --output-file=${{ inputs.output-file }} --output-format=json --spec-version=1.5
     - name: Validate SBOM
       shell: bash
       run: |
diff --git a/.github/actions/setup-sbom/action.yml b/.github/actions/setup-sbom/action.yml
diff --git a/.github/workflows/release-with-sbom.yml b/.github/workflows/release-with-sbom.yml
@@ -58,55 +58,28 @@ jobs:
       #
       # Preliminary checks done - generate SBOM before tagging
       #
-
-      - name: "Setup PHP environment"
-        id: setup-php
-        uses: ./.github/actions/setup
-        with:
-          php-version: ${{ env.PHP_VERSION }}
-          driver-version: ${{ env.DRIVER_VERSION }}
-          working-directory: '.'
-        continue-on-error: true
       
       - name: Checkout repository (Base Branch)
         uses: actions/checkout@v4
         with:
           ref: ${{ github.event.pull_request.base.ref }}
           token: ${{ secrets.GITHUB_TOKEN }}
-          fetch-depth: 1
-
-      - name: Setup PHP environment
+          fetch-depth: 0
+      - name: "Setup PHP environment"
+        id: setup-php
         uses: ./.github/actions/setup
         with:
           php-version: ${{ env.PHP_VERSION }}
           driver-version: ${{ env.DRIVER_VERSION }}
           working-directory: '.'
-
-      - name: "Generate/Update composer.lock"
-        id: composer-lock
-        run: |
-          echo "Resolving dependencies and generating composer.lock..."
-          composer update --lock --no-install --ignore-platform-reqs
-          echo "composer.lock generated with resolved versions"
-        continue-on-error: true
-
-      - name: "Setup SBOM environment"
-        id: setup-sbom
-        if: steps.composer-lock.outcome == 'success'
-        uses: ./.github/actions/setup-sbom
         continue-on-error: true
-
-      - name: "Generate SBOM"
+      - name: "Generate SBOM with CycloneDX"
         id: generate-sbom
-        if: steps.setup-sbom.outcome == 'success'
+        if: steps.setup-php.outcome == 'success'
         uses: ./.github/actions/sbom-update
         with:
-          php-version: ${{ env.PHP_VERSION }}
-          working-directory: '.'
           output-file: ${{ env.SBOM_FILE }}
-          output-format: 'json'
         continue-on-error: true
-
       - name: "Check for SBOM changes"
         id: sbom_status
         if: steps.generate-sbom.outcome == 'success'
@@ -138,16 +111,17 @@ jobs:
           git add ${{ env.SBOM_FILE }}
           git commit -m "chore: Update SBOM for release ${{ inputs.version }}"
           git push
-          echo "📦 SBOM updated and committed" >> $GITHUB_STEP_SUMMARY
+          echo "SBOM updated and committed" >> $GITHUB_STEP_SUMMARY
         continue-on-error: true
 
       - name: "Report SBOM status"
         run: |
           if [[ "${{ steps.generate-sbom.outcome }}" == "success" ]]; then
-            echo "✅ SBOM generation completed successfully" >> $GITHUB_STEP_SUMMARY
+            echo "SBOM generation completed successfully" >> $GITHUB_STEP_SUMMARY
           else
-            echo "⚠️ SBOM generation skipped or failed - continuing with release" >> $GITHUB_STEP_SUMMARY
+            echo "SBOM generation skipped or failed - continuing with release" >> $GITHUB_STEP_SUMMARY
           fi
+
       #
       # Preliminary checks done - commence the release process
       #
