Skip to content

mend-toolkit/Mend-SBOM-Export-CLI

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

14 Commits
.github
.github
 
 
mend_sbom_export_cli
mend_sbom_export_cli
 
 
.gitignore
.gitignore
 
 
.whitesource
.whitesource
 
 
CLA.md
CLA.md
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
requirements.txt
requirements.txt
 
 
setup.py
setup.py
 
 

Repository files navigation

Logo

License

Mend SBOM Cli

Generation SBOM reports in the SPDX or CycloneDx formats

Supported Operating Systems

  • Linux (Bash): CentOS, Debian, Ubuntu
  • Windows (PowerShell): 10, 2012, 2016

Prerequisites

  • Python 3.9+
  • Mend user with at least Product Admin permissions

Installation

$ pip install mend-sbom-export-cli

Note: Depending on whether the package was installed as a root user or not, you need to make sure the package installation location was added to the $PATH environment variable.

Configuration Parameters

Note: Parameters can be specified as either command-line arguments, environment variables, or a combination of both.

Command-line arguments take precedence over environment variables.

CLI argument Env. Variable Type Required Description
‑‑help switch No Show help and exit
‑‑api-key WS_APIKEY string No* Mend API Key
‑‑service WS_SERVICEUSER string No* Mend Service User email
‑‑user-key WS_USERKEY string Yes Mend User Key (your own personal user key if Mend API Key provided or user key of service user)
‑‑url WS_WSS_URL string Yes Mend Server URL
‑‑product WS_PRODUCTTOKEN string No Empty String
(Include all products). Comma-separated list of Mend Product Tokens that should be included
‑‑project WS_PROJECTTOKEN string No Empty String
(Include all projects). Comma-separated list of Mend Project Tokens that should be included
‑‑exclude WS_EXCLUDETOKEN string No Empty String
(No exclusions).Commsa-separated list of Mend Project Tokens that should be excluded
‑‑licensetext bool No Include full license text for all libraries (default: False)
‑‑dir string No Output directory for the report files (default: current folder)
‑‑type string No Report format [spdx cdx] (default: spdx)
‑‑threads int No Number of threads to run in parallel for report generation (default: 10)

* One of the parameters must be specified (Api-key or Mend Service User email).
The Service User or your user should have the rights to work with the requested org/product/projects.

Execution Examples

Using command-line arguments only:

sbom_export_cli --user-key WS_USERKEY --api-key WS_APIKEY --url $WS_WSS_URL --product `ProductToken1`,`ProductToken2` --project `ProjectToken` --dir $OUTPUT_DIRECTORY

Using environment variables:

export WS_USERKEY=xxxxxxxxxxx
export WS_APIKEY=xxxxxxxxxxx
export WS_WSS_URL=https://saas.mend.io

sbom_export_cli --product `ProductToken`

Note: Either form is accepted. For the rest of the examples, the latter form would be used
Note: In the following examples, $WS_USERKEY, $WS_APIKEY and $WS_WSS_URL are assumed to have been exported as environment variables.

Create CycloneDx SBOM reports

$ sbom_export_cli --project "$WS_PROJECTTOKEN" --dir $HOME/reports --type cdx

Create SPDX reports

$ sbom_export_cli --product "$WS_PRODUCTTOKEN" --dir $HOME/reports --licensetext True

About

Mend SBOM Exporter CLI

Resources

Readme

License

Apache-2.0 license
Activity
Custom properties

Stars

3 stars

Watchers

0 watching

Forks

2 forks
Report repository

Releases 3

v23.12.1 Latest
Dec 12, 2023
+ 2 releases

Packages

 
 
 

Contributors

Languages