obom

package

v0.0.2 Latest Latest Go to latest Published: Aug 18, 2023 License: MIT Imports: 18 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/Azure/obom

Links

Open Source Insights

Documentation ¶

Index ¶

Constants
func GetAnnotations(sbom *v2_3.Document) (map[string]string, error)
func GetFiles(sbom *v2_3.Document) ([]string, error)
func GetPackages(sbom *v2_3.Document) ([]string, error)
func LoadSBOMFromFile(filename string) (*v2_3.Document, *oci.Descriptor, []byte, error)
func LoadSBOMFromReader(reader io.ReadCloser, size int64) (*v2_3.Document, *oci.Descriptor, []byte, error)
func PushSBOM(sbomDoc *v2_3.Document, sbomDescriptor *v1.Descriptor, sbomBytes []byte, ...) error
type CredentialsResolver

Constants ¶

View Source

const (
	MEDIATYPE_SPDX                    = "application/spdx+json"
	OCI_ANNOTATION_DOCUMENT_NAME      = "org.spdx.name"
	OCI_ANNOTATION_DATA_LICENSE       = "org.spdx.license"
	OCI_ANNOTATION_DOCUMENT_NAMESPACE = "org.spdx.namespace"
	OCI_ANNOTATION_SPDX_VERSION       = "org.spdx.version"
	OCI_ANNOTATION_CREATION_DATE      = "org.spdx.created"
	OCI_ANNOTATION_ANNOTATOR          = "org.spdx.annotator"
	OCI_ANNOTATION_ANNOTATION_DATE    = "org.spdx.annotation_date"
)

View Source

const (
	APPLICATION_USERAGENT = "obom"
)

Variables ¶

This section is empty.

Functions ¶

func GetAnnotations ¶

func GetAnnotations(sbom *v2_3.Document) (map[string]string, error)

GetAnnotations returns the annotations from the SBOM

func GetFiles ¶

func GetFiles(sbom *v2_3.Document) ([]string, error)

func GetPackages ¶

func GetPackages(sbom *v2_3.Document) ([]string, error)

GetPackages returns the packages from the SBOM

func LoadSBOMFromFile ¶

func LoadSBOMFromFile(filename string) (*v2_3.Document, *oci.Descriptor, []byte, error)

LoadSBOMFromFile opens a file given by filename, reads its contents, and loads it into an SPDX document. It also calculates the file size and generates an OCI descriptor for the file. It returns the loaded SPDX document, the OCI descriptor, and any error encountered.

func LoadSBOMFromReader ¶

func LoadSBOMFromReader(reader io.ReadCloser, size int64) (*v2_3.Document, *oci.Descriptor, []byte, error)

LoadSBOMFromReader reads an SPDX document from an io.ReadCloser, generates an OCI descriptor for the document, and returns the loaded SPDX document and the OCI descriptor. The size parameter is the size of the document in bytes. If an error occurs during reading the document or generating the descriptor, the error will be returned.

func PushSBOM ¶ added in v0.0.2

func PushSBOM(sbomDoc *v2_3.Document, sbomDescriptor *v1.Descriptor, sbomBytes []byte, reference string, spdx_annotations map[string]string, credsResolver CredentialsResolver) error

PushSBOM pushes the SPDX SBOM bytes to the registry as an OCI artifact. It takes in a pointer to an SPDX document, a pointer to a descriptor, a byte slice of the SBOM, a reference string, a map of SPDX annotations, and a credentials resolver function. It returns an error if there was an issue pushing the SBOM to the registry.

Types ¶

type CredentialsResolver ¶ added in v0.0.2

type CredentialsResolver = func(context.Context, string) (auth.Credential, error)

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL