Skip to content

cadonuno/Veracode-Get-Sbom

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

12 Commits
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
requirements.txt
requirements.txt
 
 
veracode-sbom.py
veracode-sbom.py
 
 

Repository files navigation

Veracode Get SBOM

Overview

This script allows for extracting, from the Veracode Platform, the SBOM for a Project or Application

Installation

Clone this repository:

git clone https://github.com/cadonuno/Veracode-Get-Sbom.git

Install dependencies:

cd Veracode-Get-Sbom
pip install -r requirements.txt

Getting Started

It is highly recommended that you store veracode API credentials on disk, in a secure file that has appropriate file protections in place.

(Optional) Save Veracode API credentials in ~/.veracode/credentials

[default]
veracode_api_key_id = <YOUR_API_KEY_ID>
veracode_api_key_secret = <YOUR_API_KEY_SECRET>

Running the script

py veracode-sbom.py -a <application_name> -f <file_to_save> [-d]
    Extracts an SBOM from the latest scan for the application named <application_name>

py veracode-sbom.py -w <workspace_name> -p <project_name> -f <file_to_save> [-d]
    Extracts an SBOM from the latest scan for the project named <project_name> contained within the workspace named <workspace_name>

If a credentials file is not created, you can export the following environment variables:

export VERACODE_API_KEY_ID=<YOUR_API_KEY_ID>
export VERACODE_API_KEY_SECRET=<YOUR_API_KEY_SECRET>
py veracode-sbom.py -a <application_name> [-d]

License

MIT license

See the LICENSE file for details

About

No description, website, or topics provided.

Resources

Readme

License

MIT license
Activity

Stars

0 stars

Watchers

1 watching

Forks

1 fork
Report repository

Releases

No releases published

Packages

No packages published

Languages