Skip to content

project-stacker/stacker-bom

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

38 Commits
.github
.github
 
 
cmd/bom
cmd/bom
 
 
doc
doc
 
 
errors
errors
 
 
pkg
pkg
 
 
test
test
 
 
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
Makefile
Makefile
 
 
README.md
README.md
 
 
go.mod
go.mod
 
 
go.sum
go.sum
 
 
golangcilint.yaml
golangcilint.yaml
 
 
sbom.go
sbom.go
 
 

Repository files navigation

stacker-bom: a SBOM workflow tool/library for container image builds

build-test CodeQL

Originally intended as a stacker companion tool to help with container image builds but anyone should be able to use it.

It uses https://github.com/kubernetes-sigs/bom and https://github.com/anchore/syft as its core BOM libraries.

Rationale

  • Every component of a container image must be accounted for
  • Source/build time tooling since most context is available at this time
  • Easily integrate with stacker

About

A stacker companion SBOM generator library and tool

github.com/project-stacker/sbom

Resources

Readme

License

Apache-2.0 license
Activity
Custom properties

Stars

0 stars

Watchers

2 watching

Forks

1 fork
Report repository

Releases 7

v0.0.7 Latest
May 9, 2024
6 releases

Packages

No packages published

Languages