version

Signed-off-by: Julio Jimenez <julio@clickhouse.com>

Author: juliojimenez

entrypoint.sh

@@ -115,7 +115,7 @@ detect_sbom_format() {
 
     # Check if it's SPDX format
     if jq -e '.spdxVersion // .SPDXID' "$sbom_file" > /dev/null 2>&1; then
-        echo "spdx"
+        echo "spdxjson"
         return
     fi
 
@@ -158,7 +158,7 @@ convert_sbom() {
     case "$desired_lower" in
         "cyclonedx")
             log_info "Converting $detected_format SBOM to CycloneDX format"
-            if cyclonedx convert --input-file "$input_file" --output-file "$output_file" --output-format json; then
+            if cyclonedx convert --input-file "$input_file" --input-format "$detected_format" --output-version 1_6 --output-file "$output_file" --output-format json; then
                 log_success "SBOM converted to CycloneDX format"
             else
                 log_error "Failed to convert SBOM to CycloneDX format"

test-cyclone.json

@@ -0,0 +1,76 @@
+{
+    "SPDXID": "SPDXRef-DOCUMENT",
+    "creationInfo": {
+        "created": "2025-06-17T14:03:08Z",
+        "creators": [
+            "Tool: protobom-v0.0.0-20250616135015-0166181cb123+dirty",
+            "Tool: GitHub.com-Dependency-Graph"
+        ]
+    },
+    "dataLicense": "CC0-1.0",
+    "name": "com.github.ClickHouse/ClickBOM",
+    "spdxVersion": "SPDX-2.3",
+    "documentNamespace": "https://spdx.org/spdxdocs/protobom/774f135c-3fad-4cd2-bf7b-1b128c052b87",
+    "packages": [
+        {
+            "SPDXID": "SPDXRef-githubactions-actions-checkout-4..-75c946",
+            "downloadLocation": "NOASSERTION",
+            "externalRefs": [
+                {
+                    "referenceCategory": "PACKAGE_MANAGER",
+                    "referenceLocator": "pkg:githubactions/actions/checkout@4.%2A.%2A",
+                    "referenceType": "purl"
+                }
+            ],
+            "filesAnalyzed": false,
+            "name": "actions/checkout",
+            "versionInfo": "4.*.*"
+        },
+        {
+            "SPDXID": "SPDXRef-githubactions-aws-actions-configure-aws-credentials-4..-75c946",
+            "downloadLocation": "NOASSERTION",
+            "externalRefs": [
+                {
+                    "referenceCategory": "PACKAGE_MANAGER",
+                    "referenceLocator": "pkg:githubactions/aws-actions/configure-aws-credentials@4.%2A.%2A",
+                    "referenceType": "purl"
+                }
+            ],
+            "filesAnalyzed": false,
+            "name": "aws-actions/configure-aws-credentials",
+            "versionInfo": "4.*.*"
+        },
+        {
+            "SPDXID": "SPDXRef-github-ClickHouse-ClickBOM-main-c0418a",
+            "downloadLocation": "git+https://github.com/ClickHouse/ClickBOM",
+            "externalRefs": [
+                {
+                    "referenceCategory": "PACKAGE_MANAGER",
+                    "referenceLocator": "pkg:github/ClickHouse/ClickBOM@main",
+                    "referenceType": "purl"
+                }
+            ],
+            "filesAnalyzed": false,
+            "licenseDeclared": "Apache-2.0",
+            "name": "com.github.ClickHouse/ClickBOM",
+            "versionInfo": "main"
+        }
+    ],
+    "relationships": [
+        {
+            "spdxElementId": "SPDXRef-github-ClickHouse-ClickBOM-main-c0418a",
+            "relatedSpdxElement": "SPDXRef-githubactions-actions-checkout-4..-75c946",
+            "relationshipType": "DEPENDS_ON"
+        },
+        {
+            "spdxElementId": "SPDXRef-github-ClickHouse-ClickBOM-main-c0418a",
+            "relatedSpdxElement": "SPDXRef-githubactions-aws-actions-configure-aws-credentials-4..-75c946",
+            "relationshipType": "DEPENDS_ON"
+        },
+        {
+            "spdxElementId": "SPDXRef-DOCUMENT",
+            "relatedSpdxElement": "SPDXRef-github-ClickHouse-ClickBOM-main-c0418a",
+            "relationshipType": "DESCRIBES"
+        }
+    ]
+}