fix: add error handling for empty build digest in Syft SBOM scan

2026-03-07 12:04:15 +00:00
parent c144bb2b97
commit 104f0eb6ee
1 changed files with 6 additions and 1 deletions
--- a/.github/workflows/nightly-build.yml
+++ b/.github/workflows/nightly-build.yml
@@ -272,7 +272,12 @@ jobs:
          tar -xzf "$TARBALL" syft
          chmod +x syft

-          ./syft "${{ env.GHCR_REGISTRY }}/${{ env.IMAGE_NAME }}:nightly@${{ steps.build.outputs.digest }}" -o cyclonedx-json=sbom-nightly.json
+          DIGEST="${{ steps.build.outputs.digest }}"
+          if [[ -z "$DIGEST" ]]; then
+            echo "::error::Build digest is empty; cannot construct a valid image reference for Syft SBOM scan"
+            exit 1
+          fi
+          ./syft "${{ env.GHCR_REGISTRY }}/${{ env.IMAGE_NAME }}@${DIGEST}" -o cyclonedx-json=sbom-nightly.json

      - name: Verify SBOM artifact
        if: always()