Skip to content

Commit

Permalink
Add redact documentation (#582)
Browse files Browse the repository at this point in the history
* Add redact documentation

* PR feedback
  • Loading branch information
sfoslund authored May 22, 2024
1 parent b18bb46 commit 0b4db48
Show file tree
Hide file tree
Showing 3 changed files with 28 additions and 1 deletion.
14 changes: 14 additions & 0 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -115,6 +115,20 @@ This sample command provides the minimum mandatory arguments required to validat

Currently only SPDX2.2 is supported.

### SBOM Redact

Use the tool to redact any references to files from a given SBOM or set of SBOMs with either of the following commands:

```
sbom-tool redact -sd <directory containing SBOMs to redact> -o <output path>
```

```
sbom-tool redact -sp <path to the SBOM to redact> -o <output path>
```

This command will generate a mirrored set of SBOMs in the output directory, but with the file references removed. Note that the SBOM directory and output path arguments can not reference the same directory and the output path should point to an existing, empty directory.

## Integrating SBOM tool to your CI/CD pipelines.

You can follow these guides to integrate the SBOM tool into your CI/CD pipelines
Expand Down
14 changes: 14 additions & 0 deletions docs/sbom-tool-arguments.md
Original file line number Diff line number Diff line change
Expand Up @@ -81,5 +81,19 @@ Actions
FollowSymlinks (-F) If set to false, we will not follow symlinks while traversing the build drop folder. Default is set to 'true'.
ManifestInfo (-mi) A list of the name and version of the manifest format that we are using.
Redact -options - Redact file information from given SBOM(s).
Option Description
SbomPath (-sp) The file path of the SBOM to redact.
SbomDir (-sd) The directory containing the sbom(s) to redact.
OutputPath (-o) Gets or sets the directory where the redacted SBOM file(s) will be generated.
Verbosity (-V) Display this amount of detail in the logging output.
Verbose
Debug
Information
Warning
Error
Fatal
Version - Displays the version of the tool being used. Can be used as '--version'
```
1 change: 0 additions & 1 deletion src/Microsoft.Sbom.Api/Config/SbomToolCmdRunner.cs
Original file line number Diff line number Diff line change
Expand Up @@ -73,7 +73,6 @@ public GenerationArgs Generate(GenerationArgs generationArgs)
/// </summary>
[ArgActionMethod]
[ArgDescription("Redact file information from given SBOM(s).")]
[OmitFromUsageDocs]
public RedactArgs Redact(RedactArgs redactArgs)
{
return redactArgs;
Expand Down

0 comments on commit 0b4db48

Please sign in to comment.