From 5d83eaad9bfc08b10c41656f457c37fbec1ebb5b Mon Sep 17 00:00:00 2001
From: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Date: Mon, 12 Feb 2024 09:01:28 +0100
Subject: [PATCH] fix: more reliable retrieve url for Syft
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

closes #65

Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Co-authored-by: Clément Bois <clement.bois@orange.com>
---
 templates/gitlab-ci-python.yml | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/templates/gitlab-ci-python.yml b/templates/gitlab-ci-python.yml
index 47b8be9..c609a47 100644
--- a/templates/gitlab-ci-python.yml
+++ b/templates/gitlab-ci-python.yml
@@ -1061,7 +1061,8 @@ py-sbom:
       if [[ -z "$PYTHON_SBOM_SYFT_URL" ]]
       then
         log_info "Syft version unset: retrieve latest version..."
-        PYTHON_SBOM_SYFT_URL="https://github.com$(curl https://github.com/anchore/syft/releases -s | sed -rn 's/.*href="(.*_linux_amd64\.tar\.gz)".*/\1/p')"
+        syft_version=$(curl -Ls -o /dev/null -w %{url_effective} https://github.com/anchore/syft/releases/latest | grep -o '[^/v]*$')
+        PYTHON_SBOM_SYFT_URL="https://github.com/anchore/syft/releases/download/v${syft_version}/syft_${syft_version}_linux_amd64.tar.gz"
         log_info "... use latest Syft version: \\e[32m$PYTHON_SBOM_SYFT_URL\\e[0m"
       fi
       python_sbom_syft="$PIP_CACHE_DIR/syft-$(echo "$PYTHON_SBOM_SYFT_URL" | md5sum | cut -d" " -f1)"
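Review bot: `syft_version` on the first added line is used without any validation, so a failed or rate-limited request, or a redirect that does not end in a `vX.Y.Z` tag, silently yields a malformed URL such as `.../download/v/syft__linux_amd64.tar.gz`, and the error only surfaces later at download time. I would add a guard right after the assignment, for example `[[ "$syft_version" =~ ^[0-9]+(\.[0-9]+)*$ ]] || { echo "could not resolve latest Syft version" >&2; exit 1; }`. I would also quote the format string (`-w '%{url_effective}'`) so the braces are never touched by the shell. Because this branch follows whatever `latest` points to, the binary that runs in the job can change between pipelines. The download and extraction steps are outside this hunk, so it is worth confirming there that the tarball is checked against the release's published checksums file, and documenting that setting `PYTHON_SBOM_SYFT_URL` to a pinned release is the reproducible option.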
-- 
GitLab