Tern is a software composition analysis tool and Python library that generates a Software Bill of Materials for container images and Dockerfiles. The SBOM that Tern generates will give you a layer-by-layer view of what's inside your container in a variety of formats including human-readable, JSON, HTML, SPDX and more.
BSD 2-Clause "Simplified" License
Support `docker build` arguments for `tern sbom -f Dockerfile` and `tern lock` #1248
Describe the Feature
Support all/most of the `docker buildx build` CLI arguments when calling either `tern sbom -f Dockerfile` or `tern lock -f Dockerfile`. `tern` builds the Dockerfile itself for most features to work, but doesn't support any of the arguments necessary to do so.
Use Cases
Almost all non-trivial builds using `docker build` or `docker buildx build` have CLI arguments to set things like `--buildarg`, `--target`, and `--tag` (among others). Currently `tern` requires it be the image builder for `tern lock` or `tern sbom -f Dockerfile`.
Implementation Changes
Presumably either all `docker buildx build` arguments need to be replicated so they can be captured and passed thru, or all unrecognized arguments to a `tern` command that's going to run a docker build need to be passed thru.
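A sketch of the second option from "Implementation Changes" (passing unrecognized arguments through to the build), added here as an example; it is not Tern's code and not part of the issue. The `sbom-wrapper` CLI, the function names and the allowlist are assumptions; the forwarded flags are docker's `--build-arg`, `--target` and `--tag`, and the command is built as an argv list so forwarded values are never interpreted by a shell.

```python
import argparse

# Assumption: the build flags this sketch agrees to forward. Each takes a value.
# Anything else is rejected, so a forwarded flag cannot change what the SBOM
# build does beyond selecting the image contents being analysed.
FORWARDED_FLAGS = {"--build-arg", "--target", "--tag"}


def split_args(argv):
    """Separate the wrapper's own options from the arguments it does not know."""
    # allow_abbrev=False keeps argparse from claiming a prefix of a build flag.
    parser = argparse.ArgumentParser(prog="sbom-wrapper", allow_abbrev=False)
    parser.add_argument("-f", "--dockerfile", required=True)
    return parser.parse_known_args(argv)


def validate_passthrough(unknown):
    """Return the forwarded arguments as [flag, value, ...] or raise ValueError."""
    out, i = [], 0
    while i < len(unknown):
        flag, sep, value = unknown[i].partition("=")
        if flag not in FORWARDED_FLAGS:
            raise ValueError(f"unsupported build argument: {unknown[i]}")
        if not sep:  # value is the next token, e.g. --target prod
            i += 1
            if i >= len(unknown):
                raise ValueError(f"{flag} requires a value")
            value = unknown[i]
        out += [flag, value]
        i += 1
    return out


def build_command(argv, context="."):
    """Build the argv list for the image build, suitable for subprocess.run()."""
    own, unknown = split_args(argv)
    return ["docker", "buildx", "build", "-f", own.dockerfile,
            *validate_passthrough(unknown), context]


if __name__ == "__main__":
    # Constructed sample invocation.
    print(build_command(["-f", "Dockerfile", "--build-arg", "VERSION=1.2",
                         "--target=prod"]))
```

Building the image with the same `--build-arg` and `--target` values as the real build is what makes the resulting SBOM describe the image that actually ships.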