{"id":13644215,"url":"https://github.com/rad-security/kbom","last_synced_at":"2025-04-21T07:30:31.053Z","repository":{"id":156182368,"uuid":"631953899","full_name":"rad-security/kbom","owner":"rad-security","description":"KBOM - Kubernetes Bill of Materials","archived":false,"fork":false,"pushed_at":"2024-05-31T10:19:56.000Z","size":223,"stargazers_count":270,"open_issues_count":13,"forks_count":20,"subscribers_count":9,"default_branch":"main","last_synced_at":"2024-05-31T11:11:59.346Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":"","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/rad-security.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":"CODEOWNERS","security":"SECURITY.md","support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2023-04-24T12:10:52.000Z","updated_at":"2024-05-31T11:12:09.754Z","dependencies_parsed_at":"2024-04-04T17:50:01.584Z","dependency_job_id":"ef8b4cb5-737b-4aa7-83b3-33aae5f3e222","html_url":"https://github.com/rad-security/kbom","commit_stats":null,"previous_names":["rad-security/kbom"],"tags_count":17,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rad-security%2Fkbom","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rad-security%2Fkbom/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rad-security%2Fkbom/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rad-security%2Fkbom/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/rad-security","download_url":"https://codeload.github.com/rad-security/kbom/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":250014533,"owners_count":21360969,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-08-02T01:01:59.240Z","updated_at":"2025-04-21T07:30:31.044Z","avatar_url":"https://github.com/rad-security.png","language":"Go","funding_links":[],"categories":["Go"],"sub_categories":[],"readme":"# KBOM - Kubernetes Bill of Materials\n\n![GitHub release (latest by date)](https://img.shields.io/github/v/release/rad-security/kbom)\n![Hex.pm](https://img.shields.io/hexpm/l/apa)\n[![Go Report Card](https://goreportcard.com/badge/github.com/rad-security/kbom)](https://goreportcard.com/report/github.com/rad-security/kbom)\n[![OpenSSF Best Practices](https://bestpractices.coreinfrastructure.org/projects/7273/badge)](https://bestpractices.coreinfrastructure.org/projects/7273)\n\nThe Kubernetes Bill of Materials (KBOM) standard provides insight into container orchestration tools widely used across the industry.\n\nAs a first draft, we have created a rough specification which should fall in line with other Bill of Materials (BOM) standards.\n\nThe KBOM project provides an initial specification in JSON and has been constructed for extensibilty across various cloud service providers (CSPs) as well as DIY Kubernetes.\n\n## Getting Started\n\n### Download KBOM\nIf you prefer to download the binary, you can do so from the [releases page](https://github.com/rad-security/kbom/releases).\n\n### Installation\n\n```sh\nbrew install rad-security/homebrew-kbom/kbom\n```\n\nor\n\n```sh\nmake build\n```\n\n### Usage\n\n`KBOM generate` generates a KBOM file for your Kubernetes cluster\n\n```sh\nkbom generate [flags]\n```\n\nOptional flags include:\n\n```plain\nFlags:\n  -f, --format string     Format (json, yaml, cyclonedx-json, cyclonedx-xml) (default \"json\")\n  -h, --help              help for generate\n  -p, --out-path string   Path to write KBOM file to. Works only with --output=file (default \".\")\n  -o, --output string     Output (stdout, file) (default \"stdout\")\n      --short             Short - only include metadata, nodes, images and resources counters\n```\n\n## Schema\n\nThe high level object model can be found [here](docs/schema.md).\n\n## Supported Kubernetes Versions\n\nWe have tested *kbom* with all versions newer than *v1.19*, and can confirm that it is fully compatible with each of these versions. This means that you can use our tool with confidence, knowing that it has been thoroughly tested with.\n\n## Supported Cloud Providers\n\nWe have tested our tool with all of the main cloud providers, including `Azure`, `AWS`, and `Google Cloud`. Of course it's possible to generate `kbom` file for any K8s cluster, but please have in mind that in some cases not all metadata entries will be set.\n\n## Contributing\n\nKBOM is Apache 2.0 licensed and accepts contributions via GitHub pull requests. See the [CONTRIBUTING](CONTRIBUTING.md) file for details.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Frad-security%2Fkbom","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Frad-security%2Fkbom","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Frad-security%2Fkbom/lists"}