container-sbom

companion repo for the talk "containers as your SBOM" held first time: https://snescm.org/Common/SCM-day-22/

Installation

Note: I assume that you have docker installed already in the following steps..

Docker sbom is a tool to generate a software bill of materials (SBOM) for a docker image.

Link: https://github.com/docker/sbom-cli-plugin

Usage

Backend

# in /python/backend folder
docker build -t backend .
#docker plugin install docker/sbom-cli-plugin
docker sbom backend
docker sbom backend --format cyclonedx-json > cyclone.json
grype sbom:./cyclone.json
docker run --rm -i hadolint/hadolint < Dockerfile

Frontend

# in /python/frontend folder
docker build -t frontend .
#docker plugin install docker/sbom-cli-plugin
docker sbom frontend
docker sbom frontend --format cyclonedx-json > cyclone.json
grype sbom:./cyclone.json
docker run --rm -i hadolint/hadolint < Dockerfile

License

docker run aquasec/trivy image --security-checks license praqmasofus/mypy

Name		Name	Last commit message	Last commit date
Latest commit History 5 Commits
.github/workflows		.github/workflows
ci		ci
go		go
python		python
README.md		README.md

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Repository files navigation

container-sbom

Installation

Usage

About

Uh oh!

Releases

Packages

Uh oh!

Languages

eficode-academy/container-sbom

Folders and files

Latest commit

History

Repository files navigation

container-sbom

Installation

Usage

About

Resources

Uh oh!

Stars

Watchers

Forks

Releases

Packages 0

Uh oh!

Languages

Packages