A utility to create SBOM Reports in the SPDX or CDX formats
Project description
Mend SBOM Cli
Generation SBOM reports in the SPDX or CycloneDx formats
Supported Operating Systems
- Linux (Bash): CentOS, Debian, Ubuntu
- Windows (PowerShell): 10, 2012, 2016
Prerequisites
- Python 3.9+
- Mend user with admin permissions
Installation
$ pip install mend-sbom-export-cli
Note: Depending on whether the package was installed as a root user or not, you need to make sure the package installation location was added to the
$PATHenvironment variable.
Configuration Parameters
Note: Parameters can be specified as either command-line arguments, environment variables, or a combination of both.
Command-line arguments take precedence over environment variables.
| CLI argument | Env. Variable | Type | Required | Description |
|---|---|---|---|---|
| ‑‑help | switch |
No | Show help and exit | |
| ‑‑api-key | WS_APIKEY |
string |
No* | Mend API Key |
| ‑‑service | WS_SERVICEUSER |
string |
No* | Mend Service User email |
| ‑‑user-key | WS_USERKEY |
string |
Yes | Mend User Key (your own personal user key if Mend API Key provided or user key of service user) |
| ‑‑url | WS_WSS_URL |
string |
Yes | Mend Server URL |
| ‑‑product | WS_PRODUCTTOKEN |
string |
No | Empty String (Include all products). Comma-separated list of Mend Product Tokens that should be included |
| ‑‑project | WS_PROJECTTOKEN |
string |
No | Empty String (Include all projects). Comma-separated list of Mend Project Tokens that should be included |
| ‑‑exclude | WS_EXCLUDETOKEN |
string |
No | Empty String (No exclusions).Commsa-separated list of Mend Project Tokens that should be excluded |
| ‑‑licensetext | bool |
No | Include full license text for all libraries (default: False) |
|
| ‑‑dir | string |
No | Output directory for the report files (default: current folder) |
|
| ‑‑type | string |
No | Report format [spdx cdx] (default: spdx) |
|
| ‑‑threads | int |
No | Number of threads to run in parallel for report generation (default: 10) |
* One of the parameters must be specified (Api-key or Mend Service User email).
The Service User or your user should have the rights to work with the requested org/product/projects.
Execution Examples
Using command-line arguments only:
sbom_export_cli --user-key WS_USERKEY --api-key WS_APIKEY --url $WS_WSS_URL --product `ProductToken1`,`ProductToken2` --project `ProjectToken` --dir $OUTPUT_DIRECTORY
Using environment variables:
export WS_USERKEY=xxxxxxxxxxx
export WS_APIKEY=xxxxxxxxxxx
export WS_WSS_URL=https://saas.mend.io
sbom_export_cli --product `ProductToken`
Note: Either form is accepted. For the rest of the examples, the latter form would be used
Note: In the following examples, $WS_USERKEY, $WS_APIKEY and $WS_WSS_URL are assumed to have been exported as environment variables.
Create CycloneDx SBOM reports
$ sbom_export_cli --project "$WS_PROJECTTOKEN" --dir $HOME/reports --type cdx
Create SPDX reports
$ sbom_export_cli --product "$WS_PRODUCTTOKEN" --dir $HOME/reports --licensetext True
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distributions
Built Distribution
File details
Details for the file mend_sbom_export_cli-23.12.1-py3-none-any.whl.
File metadata
- Download URL: mend_sbom_export_cli-23.12.1-py3-none-any.whl
- Upload date:
- Size: 14.3 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/4.0.2 CPython/3.11.7
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | 40ed63d0eed435d3019f1626cc90d5d9a192997f61ffefb4e23b2311fe59adf9 |
|
| MD5 | 990e20e762183ca9210eaafe31ac1145 |
|
| BLAKE2b-256 | 288cff758c4e54a770ed03500406afc704d28c389336d3bba8c93c9047ab99db |
