SPDX output into the file

Question

SPDX output into the file

AleX04Nov opened this issue a year ago · 0 comments

OS: Sonoma 14.1
Model: M2
Scout Version:

version: v1.0.9 (go1.21.3 - darwin/arm64)
git commit: 8bf95bf60d084af341f70e8263342f71b0a3cd16

Any direct output into the file of --format spdx results in a panic error.

Examples:

With CVES

docker scout cves busybox:latest --format spdx --output ./any.spdx.json
    ✓ SBOM of image already cached, 0 packages indexed
    ✓ No vulnerable package detected
panic: implement me

goroutine 1 [running]:
github.com/docker/scout-cli-plugin/internal/format/sbom/spdx.(*SPDX).WriteToFile(0x16f8075d1?, {0x4?, 0x101d5b4e0?}, {0x15?, 0x0?}, 0x0?, 0x103d2a980?)
	/home/runner/work/scout-cli-plugin/scout-cli-plugin/internal/format/sbom/spdx/spdx.go:49 +0x2c
github.com/docker/scout-cli-plugin/internal/commands/cves.NewCmd.func2(0x14000bacc00?, {0x1400089bea0?, 0x1?, 0x5?})
	/home/runner/work/scout-cli-plugin/scout-cli-plugin/internal/commands/cves/cves.go:253 +0xa90
github.com/spf13/cobra.(*Command).execute(0x14000bacc00, {0x14000bbe4f0, 0x5, 0x5})
	/home/runner/go/pkg/mod/github.com/spf13/cobra@v1.7.0/command.go:940 +0x658
github.com/spf13/cobra.(*Command).ExecuteC(0x14000beb500)
	/home/runner/go/pkg/mod/github.com/spf13/cobra@v1.7.0/command.go:1068 +0x320
github.com/spf13/cobra.(*Command).Execute(...)
	/home/runner/go/pkg/mod/github.com/spf13/cobra@v1.7.0/command.go:992
github.com/docker/cli/cli-plugins/plugin.RunPlugin(0x102bcfbc0?, 0x14000bac300, {{0x101ceeaa3, 0x5}, {0x101d17dc9, 0xb}, {0x140007957c4, 0x6}, {0x101d24b01, 0xc}, ...})
	/home/runner/go/pkg/mod/github.com/docker/cli@v24.0.5+incompatible/cli-plugins/plugin/plugin.go:51 +0x13c
main.runPlugin(0x101d9f187?)
	/home/runner/work/scout-cli-plugin/scout-cli-plugin/cmd/docker-scout/main.go:29 +0x10c
main.main()
	/home/runner/work/scout-cli-plugin/scout-cli-plugin/cmd/docker-scout/main.go:53 +0x130

With SBOM

docker scout sbom busybox:latest --format spdx --output ./any.spdx.json
{"level":"info","msg":"SBOM of image already cached, 0 packages indexed\n","time":"2023-11-21T16:40:31+01:00"}
panic: implement me

goroutine 1 [running]:
github.com/docker/scout-cli-plugin/internal/format/sbom/spdx.(*SPDX).WriteToFile(0x105c0f9d7?, {0x4?, 0x107c4e980?}, {0x14000bfa930?, 0x0?}, 0x0?, 0x0?)
	/home/runner/work/scout-cli-plugin/scout-cli-plugin/internal/format/sbom/spdx/spdx.go:49 +0x2c
github.com/docker/scout-cli-plugin/internal/commands/sbom.NewCmd.func2(0x140009aba00?, {0x14000194e10?, 0x1?, 0x5?})
	/home/runner/work/scout-cli-plugin/scout-cli-plugin/internal/commands/sbom/sbom.go:150 +0x248
github.com/spf13/cobra.(*Command).execute(0x1400013d800, {0x14000bfa8e0, 0x5, 0x5})
	/home/runner/go/pkg/mod/github.com/spf13/cobra@v1.7.0/command.go:940 +0x658
github.com/spf13/cobra.(*Command).ExecuteC(0x14000c23800)
	/home/runner/go/pkg/mod/github.com/spf13/cobra@v1.7.0/command.go:1068 +0x320
github.com/spf13/cobra.(*Command).Execute(...)
	/home/runner/go/pkg/mod/github.com/spf13/cobra@v1.7.0/command.go:992
github.com/docker/cli/cli-plugins/plugin.RunPlugin(0x106af3bc0?, 0x1400013c600, {{0x105c12aa3, 0x5}, {0x105c3bdc9, 0xb}, {0x140008896b4, 0x6}, {0x105c48b01, 0xc}, ...})
	/home/runner/go/pkg/mod/github.com/docker/cli@v24.0.5+incompatible/cli-plugins/plugin/plugin.go:51 +0x13c
main.runPlugin(0x105cc3187?)
	/home/runner/work/scout-cli-plugin/scout-cli-plugin/cmd/docker-scout/main.go:29 +0x10c
main.main()
	/home/runner/work/scout-cli-plugin/scout-cli-plugin/cmd/docker-scout/main.go:53 +0x130