Fix

cveticm · cveticm · commit 0f823d3451ae · 2025-05-28T16:14:10.000+01:00
diff --git a/.github/workflows/generate-augmented-sbom.yml b/.github/workflows/generate-augmented-sbom.yml
@@ -36,7 +36,7 @@ jobs:
 
       - name: Download Linux ARM64 binary
         run: |
-          curl -L "https://github.com/mongodb/mongodb-atlas-cli/releases/download/atlascli%2Fv${{ inputs.release_version }}/mongodb-atlas-cli_${{ inputs.release_version }}_linux_arm64.tar.gz" \
+          curl -L "https://github.com/mongodb/mongodb-atlas-cli/releases/download/atlascli%2Fv${{ inputs.release_version || '1.42.2' }}/mongodb-atlas-cli_${{ inputs.release_version || '1.42.2' }}_linux_arm64.tar.gz" \
             -o release.tar.gz
 
       - name: Extract binary
@@ -45,7 +45,7 @@ jobs:
 
       - name: Generate PURLs from binary
         run: |
-          go version -m ./mongodb-atlas-cli_${{ inputs.release_version }}_linux_arm64/bin/atlas | \
+          go version -m ./mongodb-atlas-cli_${{ inputs.release_version || '1.42.2' }}_linux_arm64/bin/atlas | \
             awk '$1 == "dep" || $1 == "=>" { print "pkg:golang/" $2 "@" $3 }' | \
             LC_ALL=C sort > purls.txt
           cat purls.txt
@@ -76,7 +76,7 @@ jobs:
             --sbom-in "/pwd/sbom_lite.json" \
             --repo "${KONDUKTO_REPO}" \
             --branch "${KONDUKTO_BRANCH_PREFIX}-linux-arm64" \
-            --sbom-out "/pwd/linux_amd64_augmented_sbom_v${{ inputs.release_version }}.json"
+            --sbom-out "/pwd/linux_amd64_augmented_sbom_v${{ inputs.release_version || '1.42.2' }}.json"
 
       - name: Get current date  
         id: date  
@@ -86,15 +86,15 @@ jobs:
       - name: Generate SSDLC report
         env:
             AUTHOR: ${{ github.actor }}
-            VERSION: ${{ inputs.release_version }}
+            VERSION: ${{ inputs.release_version || '1.42.2' }}
             AUGMENTED_SBOM_TEXT: "  - See Augmented SBOM manifests (CycloneDX in JSON format):
-                \n    - This file has been provided along with this report under the name 'linux_amd64_augmented_sbom_v${{ inputs.release_version }}.json'
+                \n    - This file has been provided along with this report under the name 'linux_amd64_augmented_sbom_v${{ inputs.release_version || '1.42.2' }}.json'
                 \n    - Please note that this file was generated on ${{ env.date }} and may not reflect the latest security information of all third party dependencies."
         run: ./build/package/gen-ssdlc-report.sh
       - name: Upload augmented SBOM as artifact
         uses: actions/upload-artifact@v4
         with:
           name: augmented_sbom_and_ssdlc_report
           path: |
-            linux-amd64-augmented-sbom-v${{ inputs.release_version }}-${{ env.date }}.json
-            ssdlc-compliance-${{ inputs.release_version }}-${{ env.date }}.md
+            linux-amd64-augmented-sbom-v${{ inputs.release_version || '1.42.2' }}-${{ env.date }}.json
+            ssdlc-compliance-${{ inputs.release_version || '1.42.2' }}-${{ env.date }}.md
