[elbe-devel] [PATCH 1/1] elbepack: commands: add cyclonedx-sbom command
Eduard Krein
eduard.krein at linutronix.de
Tue May 7 13:56:17 CEST 2024
cyclonedx-sbom is generating software-bill-of-materials in
the OWASP cyclonedx format. This is a work-in-progress.
Signed-off-by: Eduard Krein <eduard.krein at linutronix.de>
---
elbepack/commands/cyclonedx-sbom.py | 37 +++++++++++++++++++++++++++++
1 file changed, 37 insertions(+)
create mode 100644 elbepack/commands/cyclonedx-sbom.py
diff --git a/elbepack/commands/cyclonedx-sbom.py b/elbepack/commands/cyclonedx-sbom.py
new file mode 100644
index 00000000..e8fce54f
--- /dev/null
+++ b/elbepack/commands/cyclonedx-sbom.py
@@ -0,0 +1,37 @@
+# ELBE - Debian Based Embedded Rootfilesystem Builder
+
+import datetime
+import json
+import os
+from json import JSONEncoder
+from optparse import OptionParser
+
+from elbepack.elbexml import ElbeXML
+from elbepack.uuid7 import uuid7
+
+
+def run_command(argv):
+
+ oparser = OptionParser()
+ oparser.add_option('-d', type='string', dest='elbe_build')
+ (options, args) = oparser.parse_args()
+
+ xmlpath = os.path.join(options.elbe_build, 'source.xml')
+ data = ElbeXML(xmlpath)
+ ts = datetime.datetime.now()
+ elbe_uuid = uuid7(ts)
+ urn_uuid = 'urn:uuid:' + str(elbe_uuid)
+ elbeversion = data.get_elbe_version()
+ output = {'bomFormat': 'CycloneDX', 'specVersion': '1.4',
+ 'serialNumber': urn_uuid, 'version': 1, 'metadata':
+ {'timestamp': ts, 'tools': [{'vendor': 'Linutronix',
+ 'name': 'Elbe', 'version': elbeversion}]}}
+
+ json_string = json.dumps(output, indent=2, cls=DateTimeEncoder)
+ print(json_string)
+
+
+class DateTimeEncoder(JSONEncoder):
+ def default(self, obj):
+ if isinstance(obj, (datetime.date, datetime.datetime)):
+ return obj.isoformat()
--
2.39.2
More information about the elbe-devel
mailing list