anchore / anchore-engine

A service that analyzes docker images and scans for vulnerabilities
Apache License 2.0

Adds save and retrieve image sboms #1336

Closed zhill closed 2 years ago

zhill commented 2 years ago

Saves raw syft analysis output and makes it available from GET /images//sboms/native.

Still needs to add analysis archive/restore logic to include this data.

zhill commented 2 years ago

The FilteringAdapter and the adapters.py module are just a movement of code from elsewhere, not a change in logic for format of the actual artifacts. My intent was to create a place where we can start swapping or enhancing implementations for those mappings as we move from the legacy analysis report and start relying on the full advanced features of syft itself.

Vijay-P commented 2 years ago

This looks great! A few nits about imports. Note that the adapters refactor will break the source analyzer in enterprise, so we will need a follow-up PR to change import paths in enterprise.