Version: 1.12.x

APT (Debian)

Collect an SBOM component using the APT Package Manager.

Details

Transfer Tag

hoppr.core_plugins.collect_apt_plugin

Supported PURLs

deb

System Dependencies

aptapt-cache

Transfer File Example

---
schemaVersion: v1
kind: transfer

stages:
  collect:
    plugins:
      - name: hoppr.core_plugins.collect_apt_plugin
        config:
          process_timeout: 60

max_processes: 3

Configuration Options

Option	Details
process_timeout	Number of seconds to attempt collect before timeout. Default: 60

Proxy and Certificate Configuration

To configure proxies, set the following environment variables:

Environment Variable Name	Description
`http_proxy`	Proxy for the HTTP protocol.
`https_proxy`	Proxy for the HTTPS protocol.
`no_proxy`	Comma-separated list of domains where proxies won't be used.

By default all certificates trusted by the system are used for the verification of the server certificate by APT. For information on how to install a root CA certificate in the trust store, see [https://ubuntu.com/server/docs/security-trust-store].

Credentials Configuration

To specify credentials, you need a credentials file.

Sample credentials file:

---
schemaVersion: v1
kind: Credentials

metadata:
  name: Registry Credentials
  version: v1
  description: Sample credentials file

credential_required_services:
  - url: registry.gitlab.com
    user_env: CI_REGISTRY_USER
    pass_env: CI_REGISTRY_PASSWORD

SBOM Generation Tools

apt2sbom (cli tool)

note

For more tools visit the CycloneDX Tool Center

Details

Transfer Tag

Supported PURLs

System Dependencies

Transfer File Example

Configuration Options​

Proxy and Certificate Configuration​

Credentials Configuration​

SBOM Generation Tools​

Configuration Options

Proxy and Certificate Configuration

Credentials Configuration

SBOM Generation Tools