Syft rules for Bazel
This project extends bazel with a toolchain for the use of the Syft commandline tool from Anchore
See the WORKSPACE setup section of the current release.
This ruleset was initially designed to add SBOM generation capability for rules_oci. The ultimate aim is to support the entire featureset offered by syft as well as continuing to match it.
The public API is outlined below. It is currently barebones with more features being added in the near future.
- syft_generate - Generate an SBOM from a provided tarball
- Multiarch SBOM Generation - Generate SBOM's for multiarch images then combine into an image index