Open
Description
Add a support to transfer SBOM using interactive prompts via command:
sbommv transfer --interactiveand the o/p would be:
Welcome to the sbommv transfer interactive setup!
Step 1: Choose an input source (where SBOMs come from):
1. GitHub (fetch from repositories)
2. Folder (use local SBOM files)
3. S3 (pull from an AWS S3 bucket)
Enter choice [1-3]: 1
Step 2: Enter GitHub repository or organization URL (e.g., https://github.com/sigstore/cosign): https://github.com/sigstore/cosign
Select GitHub method:
1. API (Dependency Graph)
2. Release (from release page)
3. Tool (generate with Syft)
Enter choice [1-3]: 2
Step 3: Choose an output destination (where SBOMs go):
1. Folder (save to a local directory)
2. S3 (upload to an AWS S3 bucket)
3. Dependency Track (send to a server)
4. Interlynk (upload to Interlynk platform)
Enter choice [1-4]: 1
Step 4: Enter folder path to save SBOMs (e.g., ./temp): ./temp
Ready to run this command:
sbommv transfer --input-adapter=github --in-github-url="https://github.com/sigstore/cosign" --in-github-method=release --output-adapter=folder --out-folder-path="./temp"
Run now? [y/N]: y
[Executing transfer...]
The suggested that --interactive would offer an interactive prompt system to:
- Ask users to choose an input source (e.g., GitHub, Folder, S3).
- Based on the input adapter, asked respective flags value.
- Ask for an output destination (e.g., Folder, S3, Dependency Track, Interlynk).
- Similarly, based on the output adapter, asked respective flags values.
- Finally, construct and show the user final command and execute the equivalent sbommv transfer command.
Metadata
Metadata
Assignees
Labels
No labels