A simple example script to generate a (CycloneDX or SPDX) SBOM, as a JSON file, for an app scanned with Veracode.

christyson/GenerateSBOMPS

Veracode Generate SBOM in PowerShell

A simple example script to generate a (CycloneDX or SPDX) SBOM for an app, written to a JSON file.

Setup

Clone this repository:

git clone https://github.com/christyson/GenerateSBOMPS.git

Usage for a single app profile or an app profile with a sandbox

.\sbom_gen <arguments>
Arguments:
app    : (required) Name of the application within Veracode
type   : (optional) Type of SBOM to generate; valid values are 'cyclonedx' (default) or 'spdx'
linked : (optional) Include components from linked projects or not; valid values are 'true' (default) or 'false'

Run

To run the script, set the following environment variables:

$ENV:Veracode_API_ID="<YOUR_API_ID>"
$ENV:Veracode_API_Key="<YOUR_API_KEY_SECRET>"

Then, for example, to generate an SPDX SBOM with the linked argument set to false, run:

.\sbom_gen <your_app_name> spdx false

This will generate an SBOM in a file named "your app name"_"type".json.

If the app is not found, an error message will be printed.
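
To confirm that a run actually produced a usable SBOM, the output file can be checked after generation. The following PowerShell is an added example, not part of this repository: Test-SbomFile is a hypothetical helper, the sample document is constructed, and it assumes the output uses the standard top-level fields of CycloneDX JSON (bomFormat, specVersion, components) or SPDX JSON (spdxVersion, packages).

```powershell
# Added example; Test-SbomFile is a hypothetical helper, not part of GenerateSBOMPS.
function Test-SbomFile {
    param(
        [Parameter(Mandatory)] [string] $Path,
        [ValidateSet('cyclonedx', 'spdx')] [string] $Type = 'cyclonedx'
    )
    if (-not (Test-Path -LiteralPath $Path)) { throw "SBOM file not found: $Path" }

    # ConvertFrom-Json throws when the content is not valid JSON,
    # e.g. a truncated file.
    $doc = Get-Content -LiteralPath $Path -Raw | ConvertFrom-Json

    if ($Type -eq 'cyclonedx') {
        if ($doc.bomFormat -ne 'CycloneDX') { throw "$Path is missing bomFormat 'CycloneDX'" }
        $version = $doc.specVersion
        $items   = @($doc.components | Where-Object { $_ })
    } else {
        if (-not $doc.spdxVersion) { throw "$Path is missing spdxVersion" }
        $version = $doc.spdxVersion
        $items   = @($doc.packages | Where-Object { $_ })
    }
    if ($items.Count -eq 0) { Write-Warning "$Path lists no components" }

    # The hash lets the SBOM be pinned or compared when it is archived.
    [pscustomobject]@{
        Path       = $Path
        Type       = $Type
        Version    = $version
        Components = $items.Count
        Sha256     = (Get-FileHash -LiteralPath $Path -Algorithm SHA256).Hash
    }
}

# Constructed sample standing in for "<your app name>_cyclonedx.json".
$sample = Join-Path ([IO.Path]::GetTempPath()) 'demo_cyclonedx.json'
'{"bomFormat":"CycloneDX","specVersion":"1.4","components":[{"name":"constructed-lib","version":"1.0.0"}]}' |
    Set-Content -LiteralPath $sample -Encoding UTF8
Test-SbomFile -Path $sample -Type cyclonedx

# Once generation is done, drop the API credentials from the session.
Remove-Item Env:Veracode_API_ID, Env:Veracode_API_Key -ErrorAction SilentlyContinue
```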

Note: the PowerShell for HMAC Auth came from https://github.com/rafaelzm2000/VC_HMAC_Auth
