Syft rules for Bazel

This project extends bazel with a toolchain for the use of the Syft commandline tool from Anchore

Setup

See the WORKSPACE setup section of the current release.

Design

This ruleset was initially designed to add SBOM generation capability for rules_oci. The ultimate aim is to support the entire featureset offered by syft as well as continuing to match it.

Usage and Public API

The public API is outlined below. It is currently barebones with more features being added in the near future.

SBOM Generation

syft_generate - Generate an SBOM from a provided tarball

SBOM Generation Examples

Multiarch SBOM Generation - Generate SBOM's for multiarch images then combine into an image index

Name		Name	Last commit message	Last commit date
Latest commit History 72 Commits
.bcr		.bcr
.github/workflows		.github/workflows
docs		docs
e2e		e2e
syft		syft
tools		tools
.bazelignore		.bazelignore
.bazelrc		.bazelrc
.bazelversion		.bazelversion
.gitignore		.gitignore
.pre-commit-config.yaml		.pre-commit-config.yaml
BUILD.bazel		BUILD.bazel
LICENSE		LICENSE
MODULE.bazel		MODULE.bazel
README.md		README.md
WORKSPACE		WORKSPACE
internal_deps.bzl		internal_deps.bzl
renovate.json		renovate.json

License

ihavespoons/rules_syft

Folders and files

Latest commit

History

Repository files navigation

Syft rules for Bazel

Setup

Design

Usage and Public API

SBOM Generation

SBOM Generation Examples

About

Topics

Resources

License

Stars

Watchers

Forks

Languages