Create SBOM for images - Githubissues

infinite-omicron / pentesting-vm

Penetration Testing Virtual Machine

GNU General Public License v3.0

2 stars 2 forks source link

Create SBOM for images #36

Open oxr463 opened 1 year ago

oxr463 commented 1 year ago

Reference(s):

https://github.com/anchore/syft

oxr463 commented 1 year ago

syft docker:ghcr.io/infinite-omicron/pentesting:latest -o spdx-json

oxr463 commented 1 year ago

Spin up the virtual machine:

cd vagrant
vagrant up
vagrant ssh output

Install and run syft:

sudo su # escalate to root
curl -sSfL https://raw.githubusercontent.com/anchore/syft/main/install.sh | sh -s -- -b /usr/local/bin
exit # return to vagrant user
syft packages alpine:latest -o spdx-json

Reference(s):

https://github.com/anchore/syft#recommended