mirror of
https://github.com/docker/docs.git
synced 2026-03-27 06:18:55 +07:00
ec72262eed
Upstream docs had a formatting issue that needed a hotfix. Rather than fixing the vendored yaml, which would be overwritten the next time update (any) vendored modules, I decided to manually copy the cli reference yaml to the data dir. Signed-off-by: David Karlsson <35727626+dvdksn@users.noreply.github.com>
163 lines
4.5 KiB
YAML
163 lines
4.5 KiB
YAML
command: docker scout sbom
|
|
short: Generate or display SBOM of an image
|
|
long: |-
|
|
The `docker scout sbom` command analyzes a software artifact to generate a
|
|
Software Bill Of Materials (SBOM).
|
|
|
|
The SBOM contains a list of all packages in the image.
|
|
You can use the `--format` flag to filter the output of the command
|
|
to display only packages of a specific type.
|
|
|
|
If no image is specified, the most recently built image is used.
|
|
|
|
The following artifact types are supported:
|
|
|
|
- Images
|
|
- OCI layout directories
|
|
- Tarball archives, as created by `docker save`
|
|
- Local directory or file
|
|
|
|
By default, the tool expects an image reference, such as:
|
|
|
|
- `redis`
|
|
- `curlimages/curl:7.87.0`
|
|
- `mcr.microsoft.com/dotnet/runtime:7.0`
|
|
|
|
If the artifact you want to analyze is an OCI directory, a tarball archive, a local file or directory,
|
|
or if you want to control from where the image will be resolved, you must prefix the reference with one of the following:
|
|
|
|
- `image://` (default) use a local image, or fall back to a registry lookup
|
|
- `local://` use an image from the local image store (don't do a registry lookup)
|
|
- `registry://` use an image from a registry (don't use a local image)
|
|
- `oci-dir://` use an OCI layout directory
|
|
- `archive://` use a tarball archive, as created by `docker save`
|
|
- `fs://` use a local directory or file
|
|
usage: docker scout sbom [IMAGE|DIRECTORY|ARCHIVE]
|
|
pname: docker scout
|
|
plink: docker_scout.yaml
|
|
options:
|
|
- option: format
|
|
value_type: string
|
|
default_value: json
|
|
description: |-
|
|
Output format:
|
|
- list: list of packages of the image
|
|
- json: json representation of the SBOM
|
|
- spdx: spdx representation of the SBOM
|
|
- cyclonedx: cyclone dx representation of the SBOM
|
|
deprecated: false
|
|
hidden: false
|
|
experimental: false
|
|
experimentalcli: false
|
|
kubernetes: false
|
|
swarm: false
|
|
- option: only-package-type
|
|
value_type: stringSlice
|
|
default_value: '[]'
|
|
description: |-
|
|
Comma separated list of package types (like apk, deb, rpm, npm, pypi, golang, etc)
|
|
Can only be used with --format list
|
|
deprecated: false
|
|
hidden: false
|
|
experimental: false
|
|
experimentalcli: false
|
|
kubernetes: false
|
|
swarm: false
|
|
- option: output
|
|
shorthand: o
|
|
value_type: string
|
|
description: Write the report to a file
|
|
deprecated: false
|
|
hidden: false
|
|
experimental: false
|
|
experimentalcli: false
|
|
kubernetes: false
|
|
swarm: false
|
|
- option: platform
|
|
value_type: string
|
|
description: Platform of image to analyze
|
|
deprecated: false
|
|
hidden: false
|
|
experimental: false
|
|
experimentalcli: false
|
|
kubernetes: false
|
|
swarm: false
|
|
- option: ref
|
|
value_type: string
|
|
description: |-
|
|
Reference to use if the provided tarball contains multiple references.
|
|
Can only be used with archive
|
|
deprecated: false
|
|
hidden: false
|
|
experimental: false
|
|
experimentalcli: false
|
|
kubernetes: false
|
|
swarm: false
|
|
- option: secrets
|
|
value_type: bool
|
|
default_value: "false"
|
|
description: Scan for secrets in the image
|
|
deprecated: false
|
|
hidden: true
|
|
experimental: false
|
|
experimentalcli: false
|
|
kubernetes: false
|
|
swarm: false
|
|
inherited_options:
|
|
- option: debug
|
|
value_type: bool
|
|
default_value: "false"
|
|
description: Debug messages
|
|
deprecated: false
|
|
hidden: true
|
|
experimental: false
|
|
experimentalcli: false
|
|
kubernetes: false
|
|
swarm: false
|
|
- option: verbose-debug
|
|
value_type: bool
|
|
default_value: "false"
|
|
description: Verbose debug
|
|
deprecated: false
|
|
hidden: true
|
|
experimental: false
|
|
experimentalcli: false
|
|
kubernetes: false
|
|
swarm: false
|
|
examples: |-
|
|
### Display the list of packages
|
|
|
|
```console
|
|
$ docker scout sbom --format list alpine
|
|
```
|
|
|
|
### Only display packages of a specific type
|
|
|
|
```console
|
|
$ docker scout sbom --format list --only-package-type apk alpine
|
|
```
|
|
|
|
### Display the full SBOM in JSON format
|
|
|
|
```console
|
|
$ docker scout sbom alpine
|
|
```
|
|
|
|
### Display the full SBOM of the most recently built image
|
|
|
|
```console
|
|
$ docker scout sbom
|
|
```
|
|
|
|
### Write SBOM to a file
|
|
|
|
```console
|
|
$ docker scout sbom --output alpine.sbom alpine
|
|
```
|
|
deprecated: false
|
|
experimental: false
|
|
experimentalcli: false
|
|
kubernetes: false
|
|
swarm: false
|
|
|