CloudBees action: Generate an software bill of materials with Syft

1 minute read

Use this action to generate a software bill of materials (SBOM) from a container image or filesystem with the open-source Syft scanner from Anchore. Generate SBOMs to provide dependency visibility.

All CloudBees action repositories are listed at CloudBees, Inc. on GitHub.

Inputs

Table 1. Input details
Input name Data type Required? Description

binary-tar-path

String

Yes

The path of the binary to be scanned.

The binary file must be in the TAR format.

Usage example

In your YAML file, add:

- name: Generate an SBOM with Syft uses: cloudbees-io/syft-sbom-plugin@v1 with: binary-tar-path: /path/to/binary.tar