https://github.com/eficode-academy/container-sbom
Companion repo for the talk "Containers as your SBOM", first held at: https://snescm.org/Common/SCM-day-22/
- Host: GitHub
- URL: https://github.com/eficode-academy/container-sbom
- Owner: eficode-academy
- Created: 2022-10-12T12:21:55.000Z (over 2 years ago)
- Default Branch: main
- Last Pushed: 2022-11-24T13:24:00.000Z (over 2 years ago)
- Last Synced: 2025-01-11T21:23:21.516Z (4 months ago)
- Language: Python
- Size: 4.61 MB
- Stars: 0
- Watchers: 2
- Forks: 0
- Open Issues: 0
Metadata Files:
- Readme: README.md
README
# container-sbom
Companion repo for the talk "Containers as your SBOM", first held at: https://snescm.org/Common/SCM-day-22/
## Installation
> Note: I assume that you have Docker installed already in the following steps.
`docker sbom` is a tool to generate a software bill of materials (SBOM) for a Docker image.
Link: https://github.com/docker/sbom-cli-plugin
## Usage
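**Backend**
```bash
# in /python/backend folder
docker build -t backend .
#docker plugin install docker/sbom-cli-plugin
# Print the SBOM for the image
docker sbom backend
# Write the SBOM in CycloneDX JSON format
docker sbom backend --format cyclonedx-json > cyclone.json
# Scan the SBOM for known vulnerabilities with Grype
grype sbom:./cyclone.json
# Lint the Dockerfile with hadolint
docker run --rm -i hadolint/hadolint < Dockerfile
```
**Frontend**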
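```bash
# in /python/frontend folder
docker build -t frontend .
#docker plugin install docker/sbom-cli-plugin
# Print the SBOM for the image
docker sbom frontend
# Write the SBOM in CycloneDX JSON format
docker sbom frontend --format cyclonedx-json > cyclone.json
# Scan the SBOM for known vulnerabilities with Grype
grype sbom:./cyclone.json
# Lint the Dockerfile with hadolint
docker run --rm -i hadolint/hadolint < Dockerfile
```
**License**
```bash
# Scan the image for package license information with Trivy
docker run aquasec/trivy image --security-checks license praqmasofus/mypy
```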
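The `cyclone.json` file written by `docker sbom <image> --format cyclonedx-json` can also be checked directly for license information. The script below is an added example, not part of this repository: it groups the SBOM's components by declared license and lists components with no license or a denied one. The sample SBOM, its package names, and the `DENIED` list are constructed assumptions.

```python
import json
import sys
from collections import defaultdict

# Constructed sample in CycloneDX JSON shape (not output from this repo's images).
SAMPLE_SBOM = json.dumps({
    "bomFormat": "CycloneDX", "specVersion": "1.4",
    "components": [
        {"type": "library", "name": "example-web", "version": "2.2.2",
         "purl": "pkg:pypi/example-web@2.2.2",
         "licenses": [{"license": {"id": "BSD-3-Clause"}}]},
        {"type": "library", "name": "examplelib", "version": "1.0",
         "purl": "pkg:pypi/examplelib@1.0",
         "licenses": [{"expression": "MIT OR GPL-3.0-only"}]},
        {"type": "library", "name": "internal-tool", "version": "0.1"},
    ],
})
DENIED = ("GPL-3.0-only", "AGPL-3.0-only")  # assumed policy, adjust to your own

def component_licenses(component):
    """Return the license ids, names or SPDX expressions declared for a component."""
    found = []
    for entry in component.get("licenses", []):
        lic = entry.get("license", {})
        ident = entry.get("expression") or lic.get("id") or lic.get("name")
        if ident:
            found.append(ident)
    return found

def license_report(sbom_text, denied=DENIED):
    """Group components by license; collect unlicensed and denied components."""
    by_license, unlicensed, flagged = defaultdict(list), [], []
    for comp in json.loads(sbom_text).get("components", []):
        ref = comp.get("purl") or f"{comp.get('name')}@{comp.get('version')}"
        licenses = component_licenses(comp)
        if not licenses:
            unlicensed.append(ref)
        for lic in licenses:
            by_license[lic].append(ref)
            # Substring match so a denied id inside an expression is still flagged.
            if any(d in lic for d in denied):
                flagged.append((ref, lic))
    return dict(by_license), unlicensed, flagged

if __name__ == "__main__":
    text = open(sys.argv[1]).read() if len(sys.argv) > 1 else SAMPLE_SBOM
    for label, part in zip(("by license", "no license", "denied"), license_report(text)):
        print(label, part)
```

Run it with the path to `cyclone.json` as the first argument; without an argument it reports on the constructed sample.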