sbom-operator
Feature discussion: AWS Lambda SBOM generation
Hello - thank you for starting this project - it has saved me from attempting to build the same thing! ❤️
Would you be open to a contribution to allow SBOM generation from AWS Lambda functions?
Broadly, something like:
- Use the AWS Lambda Go SDK to call the `GetFunction` operation, to obtain the `Code.Location` URL
- Fetch the Lambda's function code from the URL to a local temporary dir; this is generally a ZIP file
- Invoke Syft on the local code package
- (Tidy up?)
This would enable use of this tool in an environment in which there is a mix of Kubernetes workloads and serverless ones.
I wanted to gauge your interest in whether this aligns with your project goals, before contributing a PR.
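The package fetched from the `Code.Location` URL is untrusted input by the time it is unpacked for Syft. The following is an added example, not sbom-operator code and not part of the original post: it assumes the ZIP is extracted into the temporary directory before scanning, and `extractPackage`, its size limit and the sample archive are hypothetical and constructed for illustration.

```go
package main

import (
	"archive/zip"
	"bytes"
	"fmt"
	"io"
	"os"
	"path/filepath"
)

// extractPackage (hypothetical helper) unpacks an untrusted ZIP under dest, capped at maxBytes.
func extractPackage(zr *zip.Reader, dest string, maxBytes int64) error {
	for _, f := range zr.File {
		if f.Mode().IsDir() {
			continue // parent directories are created per file below
		}
		// Refuse absolute or ".." paths and anything that is not a regular file (e.g. symlinks).
		if !filepath.IsLocal(f.Name) || !f.Mode().IsRegular() {
			return fmt.Errorf("rejected entry %q", f.Name)
		}
		rc, err := f.Open()
		if err != nil {
			return err
		}
		// Read one byte past the remaining budget so an oversized archive is detected.
		body, err := io.ReadAll(io.LimitReader(rc, maxBytes+1))
		rc.Close()
		if maxBytes -= int64(len(body)); err != nil || maxBytes < 0 {
			return fmt.Errorf("entry %q unreadable or over size limit (read error: %v)", f.Name, err)
		}
		target := filepath.Join(dest, f.Name)
		os.MkdirAll(filepath.Dir(target), 0o755) // any failure surfaces in WriteFile below
		if err = os.WriteFile(target, body, 0o600); err != nil {
			return err
		}
	}
	return nil
}

func main() {
	var buf bytes.Buffer // constructed sample: the second entry tries to climb out of dest
	zw := zip.NewWriter(&buf)
	zw.Create("handler.py")
	zw.Create("../outside.txt")
	zw.Close()
	zr, _ := zip.NewReader(bytes.NewReader(buf.Bytes()), int64(buf.Len()))
	dir, _ := os.MkdirTemp("", "lambda-pkg-")
	defer os.RemoveAll(dir)
	fmt.Println(extractPackage(zr, dir, 1<<20))
}
```

On any error the caller should discard the destination directory rather than scan a partially extracted tree.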
Hi, yes, this seems to be a valuable feature. I haven't any experience with AWS Lambda, but the approach seems comprehensible to me.
You can do a PR for that, and then we can discuss the changes in more detail, but the concept looks good.
I started a refactoring in a feature-branch to allow other scan-items than containerImages. Maybe this could be a good entry-point for this feature. https://github.com/ckotzbauer/sbom-operator/tree/feature/scan-item
Thanks @ckotzbauer. I should have some time to look at this soon. I know that branch is old now - is that commit merged into main or does the branch need a rebase?
The branch needs a rebase
This issue is stale because it has been open 90 days with no activity. Remove stale label with `/remove-lifecycle stale` or comment or this will be closed in 5 days.
@outofcoffee Do you still work on this?
This issue is stale because it has been open 90 days with no activity. Remove stale label with `/remove-lifecycle stale` or comment or this will be closed in 5 days.