Add hab path

Signed-off-by: sandhi <sagarwal@progress.com>

Author: sandhi18

.github/workflows/ci-main-pull-request.yml

@@ -196,6 +196,10 @@ on:
         required: false
         type: string
         default: 'stable'
+      grype-hab-path:
+        description: "Path to built Habitat package (used if build_package is true, overrides hab_origin/hab_package inputs)"
+        required: false
+        type: string
       grype-hab-scan-linux:
         description: 'Scan Linux (x86_64-linux) Habitat package'
         required: false
@@ -974,7 +978,7 @@ jobs:
   run-grype-hab-package-scan:
     name: 'Grype scan Habitat packages from bldr.habitat.sh'
     if: ${{ inputs.perform-grype-hab-scan == true }}
-    uses: chef/common-github-actions/.github/workflows/grype-hab-package-scan.yml@main
+    uses: chef/common-github-actions/.github/workflows/grype-hab-package-scan.yml@sandhi/add-hab-path
     needs: checkout
     secrets: inherit
     with:
@@ -984,6 +988,7 @@ jobs:
       hab_version: ${{ inputs.grype-hab-version }}
       hab_release: ${{ inputs.grype-hab-release }}
       hab_channel: ${{ inputs.grype-hab-channel }}
+      hab_path: ${{ inputs.grype-hab-path }}
       scan-linux: ${{ inputs.grype-hab-scan-linux }}
       scan-windows: ${{ inputs.grype-hab-scan-windows }}
       scan-macos: ${{ inputs.grype-hab-scan-macos }}

.github/workflows/grype-hab-package-scan.yml

@@ -88,6 +88,10 @@ on:
         required: false
         type: boolean
         default: false
+      hab_path:
+        description: "Path to built Habitat package (used if build_package is true, overrides hab_origin/hab_package inputs)"
+        required: false
+        type: string
 
 jobs:
   habitat-grype-scan-linux:
@@ -139,7 +143,12 @@ jobs:
             hab origin key download --auth $HAB_AUTH_TOKEN --secret $HAB_ORIGIN
             echo "--- running linux hab build"
             export BUILD_ARGS="-X 'main.version=${{ inputs.hab_version }}' -X 'main.build_date_time=$(date -u +%Y-%m-%dT%H:%M:%SZ)'"
-            hab pkg build .
+            if [ -z "${{ inputs.hab_path }}" ]; then
+                hab pkg build .
+            else
+                hab pkg build ${{ inputs.hab_path }}
+            fi
+            
             hartifacts=$(ls results/*.hart)
             if [ -f "$hartifacts" ]; then
                 echo "Built package artifact: $hartifacts"
@@ -322,7 +331,12 @@ jobs:
             hab origin key download $env:HAB_ORIGIN
             hab origin key download --auth $env:HAB_AUTH_TOKEN --secret $env:HAB_ORIGIN
             write-output "--- running windows hab build"
-            hab pkg build .
+            if ([string]::IsNullOrEmpty("${{ inputs.hab_path }}")) {
+                hab pkg build .
+            } else {
+                hab pkg build ${{ inputs.hab_path }}
+            }
+            # hab pkg build .
 
       - name: Extract built package info
         if: ${{ inputs.build_package == true }}
@@ -521,7 +535,12 @@ jobs:
             elif [ -n "${{ secrets.HAB_AUTH_TOKEN }}" ]; then
                 export HAB_AUTH_TOKEN="${{ secrets.HAB_AUTH_TOKEN }}"
             fi
-            hab pkg build .
+            if [ -z "${{ inputs.hab_path }}" ]; then
+                hab pkg build .
+            else
+                hab pkg build ${{ inputs.hab_path }}
+            fi
+            # hab pkg build .
 
       - name: Extract built package info
         if: ${{ inputs.build_package == true }}