github.com/Racer159/jackal@v0.32.7-0.20240401174413-0bd2339e4f2e/docs/2-the-jackal-cli/100-cli-commands/jackal_tools_sbom_attest.md (about) 1 # jackal tools sbom attest 2 <!-- Auto-generated by hack/gen-cli-docs.sh --> 3 4 Generate an SBOM as an attestation for the given [SOURCE] container image 5 6 ## Synopsis 7 8 Generate a packaged-based Software Bill Of Materials (SBOM) from a container image as the predicate of an in-toto attestation that will be uploaded to the image registry 9 10 ``` 11 jackal tools sbom attest --output [FORMAT] <IMAGE> [flags] 12 ``` 13 14 ## Options 15 16 ``` 17 --base-path string base directory for scanning, no links will be followed above this directory, and all paths will be reported relative to this directory 18 --catalogers stringArray enable one or more package catalogers 19 --exclude stringArray exclude paths from being scanned using a glob expression 20 -h, --help help for attest 21 --name string set the name of the target being analyzed (DEPRECATED: use: source-name) 22 -o, --output stringArray report output format (<format>=<file> to output to a file), formats=[cyclonedx-json cyclonedx-xml github-json spdx-json spdx-tag-value syft-json syft-table syft-text template] (default [syft-json]) 23 --platform string an optional platform specifier for container image sources (e.g. 'linux/arm64', 'linux/arm64/v8', 'arm64', 'linux') 24 -s, --scope string selection of layers to catalog, options=[squashed all-layers] 25 --source-name string set the name of the target being analyzed 26 --source-version string set the version of the target being analyzed 27 ``` 28 29 ## Options inherited from parent commands 30 31 ``` 32 -c, --config string syft configuration file 33 -q, --quiet suppress all logging output 34 -v, --verbose count increase verbosity (-v = info, -vv = debug) 35 ``` 36 37 ## SEE ALSO 38 39 * [jackal tools sbom](jackal_tools_sbom.md) - Generates a Software Bill of Materials (SBOM) for the given package