Tern is a software composition analysis tool and Python library that generates a Software Bill of Materials for container images and Dockerfiles. The SBOM that Tern generates will give you a layer-by-layer view of what's inside your container in a variety of formats including human-readable, JSON, HTML, SPDX and more.
Describe the bug
My container has a two line Python program whose content is this:
import numpy
print ("Hello World!")
The Docker image for the program is:
REPOSITORY TAG IMAGE ID CREATED SIZE
ternd latest d6bd8a7ee130 25 minutes ago 238MB
helloworld 0.0.1 7483191c710c 25 hours ago 1.1GB <-------
I cloned tern and then ran the following command:
$ ./docker_run.sh ternd report -f json -i helloworld:0.0.1 > output.txt
The resulting output.txt is empty:
$ ls -al output.txt
-rw-r--r-- 1 vrama 197609 0 Feb 11 21:30 output.txt
To Reproduce
Please follow similar steps as explained above.
Error in terminal
Please see above
Expected behavior
I would expect output.txt to contain SBOM details including numpy's.
Environment you are running Tern on
Enter all that apply
Tern image built on Docker: ternd latest d6bd8a7ee130 32 minutes ago 238MB
Describe the bug My container has a two line Python program whose content is this:
import numpy print ("Hello World!")
The Docker image for the program is: REPOSITORY TAG IMAGE ID CREATED SIZE ternd latest d6bd8a7ee130 25 minutes ago 238MB helloworld 0.0.1 7483191c710c 25 hours ago 1.1GB <-------
I cloned tern and then ran the following command: $ ./docker_run.sh ternd report -f json -i helloworld:0.0.1 > output.txt
The resulting output.txt is empty:
$ ls -al output.txt -rw-r--r-- 1 vrama 197609 0 Feb 11 21:30 output.txt
To Reproduce Please follow similar steps as explained above.
Error in terminal
Expected behavior I would expect output.txt to contain SBOM details including numpy's.
Environment you are running Tern on Enter all that apply
Please attach files if they exist NA