CLI Tool to generate SBOM report on chosen scope in SPDX format.
- The tool utilizes spdx-tools.
- The tool can be executed on WS Product or Project scope.
- The tool accepts additional values which are unknown to WS via
sbom_extra.json. - If not stated, the tool will access SAAS.
- If not stated, the tool will produce report in JSON format.
- Linux (Bash): CentOS, Debian, Ubuntu, RedHat
- Windows (PowerShell): 10, 2012, 2016
Python 3.6+
- Download and unzip the tool.
- Edit the file sbom_extra.json with the appropriate values to complete the report:
sbom_report.py [-h] -u WS_USER_KEY -k WS_TOKEN [-s SCOPE_TOKEN]
[-a WS_URL] [-t {tv,json,xml,rdf,yaml}] [-e EXTRA]
[-o OUT_DIR]
Utility to create SBOM from WhiteSource data
optional arguments:
-h, --help show this help message and exit
-u WS_USER_KEY, --userKey WS_USER_KEY
WS User Key
-k WS_TOKEN, --token WS_TOKEN
WS Organization Key
-s SCOPE_TOKEN, --scope SCOPE_TOKEN
Scope token of SBOM report to generate
-a WS_URL, --wsUrl WS_URL
WS URL
-t {tv,json,xml,rdf,yaml}, --type {tv,json,xml,rdf,yaml}
Output type
-e EXTRA, --extra EXTRA
Extra configuration of SBOM
-o OUT_DIR, --out OUT_DIR
Output directory
Execution instructions:
python sbom_report.py -u <USER_KEY> -k <TOKEN> -s <SCOPE_TOKEN>