49 lines
1.4 KiB
Markdown
49 lines
1.4 KiB
Markdown
# SbomService
|
|
|
|
**Status:** Implemented
|
|
**Source:** `src/SbomService/`
|
|
**Owner:** Scanner Guild
|
|
|
|
## Purpose
|
|
|
|
SbomService provides SBOM storage, versioning, and lineage tracking. Maintains the canonical SBOM repository with support for SPDX 3.0.1 and CycloneDX 1.6 formats, including temporal queries and dependency graph analysis.
|
|
|
|
## Components
|
|
|
|
**Services:**
|
|
- `StellaOps.SbomService` - Main SBOM service with API and business logic
|
|
|
|
**Libraries:**
|
|
- `StellaOps.SbomService.Storage.Postgres` - PostgreSQL storage adapter for SBOM persistence
|
|
- `StellaOps.SbomService.Storage.Postgres.Tests` - Storage layer integration tests
|
|
|
|
## Configuration
|
|
|
|
Configuration is embedded in the service module settings.
|
|
|
|
Key settings:
|
|
- PostgreSQL connection (schema: `sbom_service`)
|
|
- Authority integration
|
|
- SBOM format support (SPDX, CycloneDX)
|
|
- Versioning and lineage policies
|
|
- Retention settings
|
|
|
|
## Dependencies
|
|
|
|
- PostgreSQL (schema: `sbom_service`)
|
|
- Authority (authentication)
|
|
- Scanner (SBOM generation source)
|
|
- Attestor (SBOM attestation integration)
|
|
- ExportCenter (SBOM export and distribution)
|
|
|
|
## Related Documentation
|
|
|
|
- Architecture: `./architecture.md`
|
|
- Scanner: `../scanner/`
|
|
- Attestor: `../attestor/`
|
|
- Data Schemas: `../../11_DATA_SCHEMAS.md`
|
|
|
|
## Current Status
|
|
|
|
Implemented with PostgreSQL storage backend. Supports SBOM ingestion, versioning, and lineage tracking. Provides API for SBOM queries and temporal analysis.
|