From ac9c66371f77dc843948ad5afea581bcda7e5c1f Mon Sep 17 00:00:00 2001
From: DeveloperDurpBot
Date: Sun, 5 May 2024 15:44:52 +0000
Subject: [PATCH] ci: render Rendered by https://gitlab.com/developerdurp/yml/-/pipelines/1279074171
---
 jobs/codescan.yml | 24 ++++++++++++++++++++++--
 1 file changed, 22 insertions(+), 2 deletions(-)
diff --git a/jobs/codescan.yml b/jobs/codescan.yml
index 559a501..2c161bb 100644
--- a/jobs/codescan.yml
+++ b/jobs/codescan.yml
@@ -1,18 +1,38 @@
 .generate_sbom:
- image: registry.internal.durp.info/anchore/syft:${SYFT_VERSION}
+ image: registry.internal.durp.info/nixos/nix:latest
 script:
+ # Begin of syft-install.sh
+ - |
+ #Syft install
+ nix-shell -p syft
+ # End of syft-install.sh
+
 # Begin of syft-mkdir.sh
 - |
 #mkdir for syft files
 mkdir $CI_PROJECT_DIR/syft
 # End of syft-mkdir.sh
+
+ # Begin of syft-go.sh
+ - |
+ #Syft scan for go
+ if [ -f "go.mod" ]; then
+ syft go.mod -o cyclonedx-json=syft/${CI_PROJECT_NAME}.sbom.json
+ fi
+ # End of syft-go.sh
 artifacts:
 expire_in: 1 hour
 paths:
 - $CI_PROJECT_DIR/syft
 .generate_cve:
- image: registry.internal.durp.info/anchore/grype:${GRYPE_VERSION}
+ image: registry.internal.durp.info/nixos/nix:latest
 script:
+ # Begin of grype-install.sh
+ - |
+ #Syft install
+ nix-shell -p grype
+ # End of grype-install.sh
+
 # Begin of grype.sh
 - |
 #grype scan sboms
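Review bot: Both `.generate_sbom` and `.generate_cve` switch from the versioned scanner images to `registry.internal.durp.info/nixos/nix:latest` and fetch the tool with `nix-shell -p syft` / `nix-shell -p grype`, so `${SYFT_VERSION}` and `${GRYPE_VERSION}` no longer pin anything and the scanner that produces the SBOM and CVE results can change between runs without a commit; pin the nix image by tag or digest and pin the nixpkgs revision the packages come from. `nix-shell -p syft` without `--run` starts a subshell instead of putting syft on the PATH of the script entries that follow, so the `syft go.mod …` call in the syft-go.sh entry (and presumably the grype call in grype.sh, whose body continues outside the hunk) likely fails with command not found; run the scan inside `nix-shell -p syft --run '…'` or install the package into the profile first. When `go.mod` is absent the job writes no SBOM at all, which looks like it leaves the CVE job with nothing to scan, so a log line or an explicit failure for that case would keep a skipped scan from passing silently. The comment in the grype-install.sh entry still reads `#Syft install`. The commit message says the file is rendered, so these changes probably belong in the source scripts rather than in jobs/codescan.yml.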