passing Syft configuration parameters

[fridolin-koch]

Hi,

I followed the instructions here https://docs.docker.com/build/metadata/attestations/sbom/ and successfully added the sbom information to a Go based docker image. I noticed the licence info is empty though. After checking the Syft docs and running the locally with SYFT_GOLANG_SEARCH_REMOTE_LICENSES the info was included.

Anyway, I was wondering how I can use the configuration values described here https://github.com/anchore/syft/wiki/Configuration#list-of-configurable-values

As far as I understand the code, the config is hardcoded, at least that's how I understand the code here

buildkit-syft-scanner/internal/target.go

Lines 56 to 63 in 9059e71

	result, err := syft.CreateSBOM(
	ctx,
	src,
	syft.DefaultCreateSBOMConfig().
	WithCatalogerSelection(sr))
	if err != nil {
	return sbom.SBOM{}, err
	}

Is there any a to pass the configuration parameters mentioned in the Syft configuration to the scanner?

Thank you,
Frido