From 6413c0d98b7b6ef7d4865b82d5b92b86b772ac08 Mon Sep 17 00:00:00 2001 From: anthonyharrison Date: Sun, 28 Jul 2024 11:37:58 +0100 Subject: [PATCH] fix: updated examples --- examples/create.py | 4 +- examples/create_system.py | 79 +++++++++++++++++++++++++++++++++++++++ examples/regenerate.py | 11 ++++++ 3 files changed, 92 insertions(+), 2 deletions(-) create mode 100644 examples/create_system.py create mode 100644 examples/regenerate.py diff --git a/examples/create.py b/examples/create.py index 2c5ee0f..d6bfb57 100644 --- a/examples/create.py +++ b/examples/create.py @@ -3,8 +3,8 @@ ### Example to show use of lib4sbom to create a CycloneDX SBOM in JSON format -from lib4sbom.data.package import SBOMPackage from lib4sbom.data.document import SBOMDocument +from lib4sbom.data.package import SBOMPackage from lib4sbom.generator import SBOMGenerator from lib4sbom.output import SBOMOutput from lib4sbom.sbom import SBOM @@ -64,7 +64,7 @@ my_sbom.set_type(sbom_type="cyclonedx") my_sbom.set_version("1.6") my_doc = SBOMDocument() -my_doc.set_value("lifecycle","build") +my_doc.set_value("lifecycle", "build") my_sbom.add_document(my_doc.get_document()) my_sbom.add_packages(sbom_packages) # print(my_sbom.get_sbom()) diff --git a/examples/create_system.py b/examples/create_system.py new file mode 100644 index 0000000..00c4a29 --- /dev/null +++ b/examples/create_system.py @@ -0,0 +1,79 @@ +# Copyright (C) 2022 Anthony Harrison +# SPDX-License-Identifier: Apache-2.0 + +### Example to show use of lib4sbom to create a CycloneDX SBOM in JSON format + +from lib4sbom.data.document import SBOMDocument +from lib4sbom.data.package import SBOMPackage +from lib4sbom.data.relationship import SBOMRelationship +from lib4sbom.generator import SBOMGenerator +from lib4sbom.output import SBOMOutput +from lib4sbom.sbom import SBOM + +# Create packages +application = "application_name" +application_id = "CDXRef-DOCUMENT" + +relationships = [] +sbom_relationship = SBOMRelationship() +sbom_relationship.initialise() +sbom_relationship.set_relationship(application_id, "DESCRIBES", application) +sbom_relationship.set_relationship_id(None, application_id) +relationships.append(sbom_relationship.get_relationship()) + +sbom_packages = {} +my_package = SBOMPackage() + +my_package.initialise() +my_package.set_name("almalinux") +my_package.set_type("operating-system") +my_package.set_version("9.0") +my_package.set_supplier("organisation", "alma") +my_package.set_licensedeclared("Apache-2.0") +my_package.set_externalreference("OTHER", "bom-link", "alma.json") +sbom_packages[ + (my_package.get_name(), my_package.get_value("version")) +] = my_package.get_package() +sbom_relationship.initialise() +sbom_relationship.set_relationship( + application, "DEPENDS_ON", my_package.get_value("name") +) +sbom_relationship.set_relationship_id(application_id, my_package.get_value("id")) +relationships.append(sbom_relationship.get_relationship()) + +my_package.initialise() +my_package.set_name("sbomlens") +my_package.set_type("container") +my_package.set_version("0.1.0") +my_package.set_supplier("organisation", "aph10") +my_package.set_externalreference("OTHER", "bom-link", "sbomlens.json") +sbom_packages[ + (my_package.get_name(), my_package.get_value("version")) +] = my_package.get_package() +sbom_relationship.initialise() +sbom_relationship.set_relationship( + application, "DEPENDS_ON", my_package.get_value("name") +) +sbom_relationship.set_relationship_id(application_id, my_package.get_value("id")) +relationships.append(sbom_relationship.get_relationship()) + +# Generate SBOM +my_sbom = SBOM() +my_sbom.set_type(sbom_type="cyclonedx") +my_sbom.set_version("1.6") +my_doc = SBOMDocument() +my_doc.set_value("lifecycle", "build") +my_doc.set_metadata_type("application") +my_doc.set_metadata_supplier("Acme Inc.") +my_doc.set_metadata_version("0.1.0") +my_sbom.add_document(my_doc.get_document()) +my_sbom.add_packages(sbom_packages) +my_sbom.add_relationships(relationships) +# print(my_sbom.get_sbom()) +# +# +my_generator = SBOMGenerator(False, sbom_type="cyclonedx", format="json") +# Will be displayed on console +my_generator.generate(application, my_sbom.get_sbom()) + +# Send to file diff --git a/examples/regenerate.py b/examples/regenerate.py new file mode 100644 index 0000000..496f43c --- /dev/null +++ b/examples/regenerate.py @@ -0,0 +1,11 @@ +from lib4sbom.generator import SBOMGenerator +from lib4sbom.output import SBOMOutput +from lib4sbom.parser import SBOMParser + +tp = SBOMParser() +tp.parse_file("/tmp/system.json") +print(tp.get_sbom()) +tg = SBOMGenerator(False, sbom_type="spdx", format="tag") +tg.generate("Systen_App", tp.get_sbom()) +so = SBOMOutput(filename="/tmp/system1.spdx", output_format="tag") +so.generate_output(tg.get_sbom())