Skip to main content
Version: Next

APT (Debian)

Collect an SBOM component using the APT Package Manager.

Details

Transfer Tag

hoppr.core_plugins.collect_apt_plugin

Supported PURLs

deb

System Dependencies

Transfer File Example

---
schemaVersion: v1
kind: transfer

stages:
collect:
plugins:
- name: hoppr.core_plugins.collect_apt_plugin
config:
process_timeout: 60

max_processes: 3

Configuration Options​

OptionDetails
process_timeoutNumber of seconds to attempt collect before timeout. Default: 60

Proxy and Certificate Configuration​

To configure proxies, set the following environment variables:

Environment Variable NameDescription
http_proxyProxy for the HTTP protocol.
https_proxyProxy for the HTTPS protocol.
no_proxyComma-separated list of domains where proxies won't be used.

By default all certificates trusted by the system are used for the verification of the server certificate by APT. For information on how to install a root CA certificate in the trust store, see [https://ubuntu.com/server/docs/security-trust-store].

Credentials Configuration​

To specify credentials, you need a credentials file.

Sample credentials file:

---
schemaVersion: v1
kind: Credentials

metadata:
name: Registry Credentials
version: v1
description: Sample credentials file

credential_required_services:
- url: registry.gitlab.com
user_env: CI_REGISTRY_USER
pass_env: CI_REGISTRY_PASSWORD

SBOM Generation Tools​

note

For more tools visit the CycloneDX Tool Center