SBOMS Class
SBOMS interface
Direct access to the sboms endpoint
The user is not expected to use this class directly. It is an attribute of the Archivist class.
For example, instantiate an Archivist instance and execute the methods of the class:
from archivist.archivist import Archivist

with open(".auth_token", mode="r", encoding="utf-8") as tokenfile:
    authtoken = tokenfile.read().strip()

# Initialize connection to Archivist
arch = Archivist(
    "https://app.rkvst.io",
    authtoken,
)
# upload() takes a binary file object (fd: BinaryIO), so open in "rb" mode
with open("bom.xml", "rb") as fd:
    sbom = arch.sboms.upload(fd)
- class archivist.sboms._SBOMSClient(archivist_instance: Archivist)
SBOMSClient
Access to SBOMs entities using CRUD interface. This class is usually accessed as an attribute of the Archivist class.
- Parameters:
archivist (Archivist) -- Archivist instance
- create(data: dict[str, Any]) -> dict[str, Any]
Create an SBOM and return a struct suitable for use in an asset or event creation.
- Parameters:
data (dict) -- dictionary
A YAML representation of the data argument would be:
filename: functests/test_resources/sboms/gen1.xml
content_type: text/xml
confirm: True
params:
  privacy: PRIVATE
OR
url: https://some.hostname/cdx.xml
content_type: text/xml
confirm: True
params:
  privacy: PRIVATE
Either 'filename' or 'url' is required. 'content_type' is required.
- Returns:
A dict suitable for adding to an asset or event creation
A YAML representation of the result would be:
arc_display_name: Acme Generation1 SBOM
arc_blob_identity: sboms/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
.....
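A pre-flight check for the data argument of create(), as an added example that is not part of the archivist package. check_sbom_spec is a hypothetical helper: it enforces the two requirements stated above and, as assumed local policy, rejects an ambiguous source, a non-https URL, and an unset or unapproved PUBLIC privacy value.

```python
from typing import Any
from urllib.parse import urlparse

ALLOWED_PRIVACY = {"PRIVATE", "PUBLIC"}  # the two values shown on this page


def check_sbom_spec(data: dict[str, Any], allow_public: bool = False) -> list[str]:
    """Return a list of problems; an empty list means the spec may be submitted."""
    problems = []
    has_file = bool(data.get("filename"))
    has_url = bool(data.get("url"))
    if not has_file and not has_url:
        problems.append("either 'filename' or 'url' is required")
    if has_file and has_url:
        # Assumption: treat an ambiguous source as an error instead of guessing.
        problems.append("give 'filename' or 'url', not both")
    if not data.get("content_type"):
        problems.append("'content_type' is required")
    if has_url and urlparse(str(data["url"])).scheme != "https":
        # Local policy (assumption): fetch SBOMs over TLS only.
        problems.append("'url' must use https")
    privacy = (data.get("params") or {}).get("privacy")
    if privacy is None:
        # Local policy (assumption): never rely on a server-side default.
        problems.append("'params.privacy' must be set explicitly")
    elif privacy not in ALLOWED_PRIVACY:
        problems.append(f"unknown privacy value {privacy!r}")
    elif privacy == "PUBLIC" and not allow_public:
        problems.append("privacy PUBLIC needs allow_public=True")
    return problems


# Constructed sample specs, modelled on the YAML shown above.
GOOD = {
    "filename": "functests/test_resources/sboms/gen1.xml",
    "content_type": "text/xml",
    "confirm": True,
    "params": {"privacy": "PRIVATE"},
}
BAD = {"url": "http://some.hostname/cdx.xml", "params": {"privacy": "PUBLIC"}}

if __name__ == "__main__":
    for spec in (GOOD, BAD):
        print(check_sbom_spec(spec) or "ok")
```

Call the helper before arch.sboms.create(data) and submit only when it returns an empty list.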
- download(identity: str, fd: BinaryIO) -> Response
Read SBOM
Reads the SBOM into a data sink (usually a file opened for write). Note that this returns the response, as the body will be consumed by the fd iterator.
- Parameters:
identity (str) -- SBOM identity e.g. sboms/xxxxxxxxxxxxxxxxxxxxxxx
fd (file) -- opened file descriptor or other file-type sink.
- Returns:
REST response
- list(*, page_size: Optional[int] = None, metadata: Optional[dict[str, Any]] = None)
List SBOMS.
Lists SBOMS that match optional criteria:
sboms = self.arch.sboms.list(
    metadata={
        "trusted": True,
        "uploaded_before": "2021-11-17T11:28:31Z",
        "uploaded_since": "2021-11-16T11:28:31Z",
    },
)
- Parameters:
metadata (dict) -- optional e.g. {"life_cycle_status": "ACTIVE" }
page_size (int) -- optional page size. (Rarely used).
- Returns:
iterable that returns SBOM instances
- static parse(data: dict[str, Any]) -> dict[str, Any]
Parse the SBOM and extract pertinent information.
- Parameters:
data (dict) -- dictionary
A YAML representation of the data argument would be:
filename: functests/test_resources/sboms/gen1.xml
OR
url: https://some.hostname/cdx.xml
Either 'filename' or 'url' is required.
- Returns:
A dict suitable for adding to an asset or event creation
- publish(identity: str, confirm: bool = True) -> SBOM
Publish SBOM
Makes an SBOM public.
- Parameters:
identity (str) -- identity of SBOM
confirm (bool) -- if True wait for sbom to be published.
- Returns:
SBOM instance
- read(identity: str) -> SBOM
Read SBOM metadata
Reads SBOM metadata.
- Parameters:
identity (str) -- sbom identity e.g. sboms/xxxxxxxxxxxxxxxxxxxxxxx
- Returns:
SBOM
- upload(fd: BinaryIO, *, confirm: bool = True, mtype: Optional[str] = None, params: Optional[dict[str, Any]] = None) -> SBOM
Create SBOM
Creates SBOM from opened file or other data source.
- Parameters:
fd (file) -- opened file descriptor or other file-type iterable.
confirm (bool) -- if True wait for sbom to be uploaded.
mtype (str) -- mimetype of data.
params (dict) -- optional e.g. {"sbomType": "cyclonedx-xml", "privacy": "PUBLIC" }
- Returns:
SBOM instance
- wait_for_publication(identity: str) -> SBOM
Wait for sbom to be published.
Waits for sbom to be published.
- Parameters:
identity (str) -- identity of sbom
- Returns:
True if sbom is confirmed.
- wait_for_uploading(identity: str) -> SBOM
Wait for sbom to be uploaded.
Waits for sbom to be uploaded.
- Parameters:
identity (str) -- identity of sbom
- Returns:
True if sbom is uploaded.