Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Included docs for GUACCollect #121

Open
wants to merge 1 commit into
base: main
Choose a base branch
from

Conversation

nathannaveen
Copy link
Contributor

* Fixes guacsec#120
* I used an image of the mermaid diagram because I don't know whether guac-docs supports mermaid diagrams

Signed-off-by: nathannaveen <[email protected]>
Copy link

netlify bot commented Mar 11, 2024

Deploy Preview for resonant-wisp-1a517a ready!

Name Link
🔨 Latest commit bbbb3de
🔍 Latest deploy log https://app.netlify.com/sites/resonant-wisp-1a517a/deploys/65ef352be105670008fb7d0d
😎 Deploy Preview https://deploy-preview-121--resonant-wisp-1a517a.netlify.app
📱 Preview on mobile
Toggle QR Code...

QR Code

Use your smartphone camera to open QR code link.

To edit notification comments on pull requests, go to your Netlify site configuration.

Copy link
Contributor

@lumjjb lumjjb left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for helping document this!! I have a couple questions and nits, but else LGTM.


# Ingesting data with GUACCollect

GUACCollect is a command-line tool within the GUAC ecosystem designed for collecting and ingesting software bill of materials (SBOMs), attestations, and other metadata documents from various sources. This tool supports a wide range of data sources, including GitHub, S3, Google Cloud Storage (GCS), and OCI images, making it a versatile choice for enhancing the visibility and security of your software supply chain.
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

nit: guaccollect to match case (and use ` ticks to indicate code)


- A fresh copy of the [GUAC service infrastructure through Docker Compose]({{
site.baseurl }}{%link setup.md %}). Including the `guacone` binary in your path
and [GUAC Data](https://github.com/guacsec/guac-data/archive/refs/heads/main.zip)
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

hmm, i think we usually recommend cloning GUAC data instead of unzipping - is this a different dataset?

- **Download from OCI Images**: Retrieve SBOMs and attestations embedded in OCI images.
- **File System Collection**: Collect documents directly from a specified file path on your system.

## Usage
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

could be helpful to also add some information about the poll option

@funnelfiasco
Copy link
Collaborator

@nathannaveen can you fix the formatter issues (and optionally address Brandon's minor feedback) so we can merge this? I'd also suggest adding the source of your image (as an SVG or the mermaid file or whatever you used to create it) into the repo somewhere so that we can update it later if needed.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

guaccollect documentation
3 participants