Implement Author field and Supplier field (#102)

* Implement Author field and Supplier field

Signed-off-by: Robert Smigielski <[email protected]>

* fixup! Implement Author field and Supplier field
Github actions show macos-13 is no longer supported

Signed-off-by: Robert Smigielski <[email protected]>

* fixup! Implement Author field and Supplier field
Github actions deal with gettext on macOS and Poetry support for code coverage

Signed-off-by: Robert Smigielski <[email protected]>

* fixup! Implement Author field and Supplier field
Github actions deal with gettext on macOS and Poetry support for code coverage

Signed-off-by: Robert Smigielski <[email protected]>

* fixup! Implement Author field and Supplier field
Github actions deal with gettext on macOS and Poetry support for code coverage

Signed-off-by: Robert Smigielski <[email protected]>

---------

Signed-off-by: Robert Smigielski <[email protected]>

Author: ptdropper

.github/workflows/python.yml

@@ -49,6 +49,9 @@ jobs:
       - name: Checkout
         # see https://github.com/actions/checkout
         uses: actions/checkout@v6
+      - name: Install gettext (macOS)
+        if: runner.os == 'macOS'
+        run: brew install gettext
       - name: Setup Python Environment
         # see https://github.com/actions/setup-python
         uses: actions/setup-python@v6
@@ -108,12 +111,21 @@ jobs:
       - name: Checkout
         # see https://github.com/actions/checkout
         uses: actions/checkout@v6
+      - name: Install gettext (macOS)
+        if: runner.os == 'macOS'
+        run: brew install gettext
       - name: Setup Python Environment
         # see https://github.com/actions/setup-python
         uses: actions/setup-python@v6
         with:
           python-version: ${{ env.PYTHON_VERSION_DEFAULT }}
           architecture: 'x64'
+      - name: Upgrade pip
+        run: pip install --upgrade pip
+      - name: Install Poetry
+        run: curl -sSL https://install.python-poetry.org | python3 -
+      - name: Add Poetry to PATH
+        run: echo "${HOME}/.local/bin" >> $GITHUB_PATH
       - name: Install self
         run: pip install .
       - name: run command
@@ -128,7 +140,7 @@ jobs:
       matrix:
         os:
           - ubuntu-latest
-          - macos-13  # macos-latest might be incompatible to py38 - see https://github.com/CycloneDX/cyclonedx-python-lib/pull/599#issuecomment-2077462142
+          - macos-15
           - windows-latest
         python-version:
           - "3.13" # highest supported
@@ -143,6 +155,13 @@ jobs:
         uses: actions/checkout@v6
       - name: Create reports directory
         run: mkdir ${{ env.REPORTS_DIR }}
+      - name: Setup Homebrew
+        run: |
+        brew update
+        brew install gettext
+      - name: Install Python Dependencies
+        run: |
+        pip install poetry==2.1.1
       - name: Setup Python Environment
         # see https://github.com/actions/setup-python
         uses: actions/setup-python@v6
@@ -182,6 +201,10 @@ jobs:
     runs-on: ubuntu-latest
     timeout-minutes: 5
     steps:
+      - name: Install Poetry
+        run: curl -sSL https://install.python-poetry.org | python3 -
+      - name: Add Poetry to PATH
+        run: echo "${HOME}/.local/bin" >> $GITHUB_PATH
       - name: fetch test artifacts
         # see https://github.com/actions/download-artifact
         uses: actions/download-artifact@v6

README.md

@@ -67,6 +67,8 @@ options:
   -n PRODUCT_NAME       name of the product
   -v PRODUCT_VERSION    product version string
   -m MANUFACTURER_NAME  name of product manufacturer
+  -s SUPPLIER_NAME      name of SBOM Supplier
+  -a AUTHOR_NAME        name of SBOM Author
   -c CPE_INPUT_FILE     cpe file from make show-info
 ```
 

cyclonedx_buildroot/_internal/cli.py

@@ -29,7 +29,7 @@
 from cyclonedx.exception.factory import InvalidLicenseExpressionException
 from cyclonedx.schema import SchemaVersion, OutputFormat
 from cyclonedx.output import make_outputter
-from cyclonedx.model.contact import OrganizationalEntity
+from cyclonedx.model.contact import OrganizationalEntity, OrganizationalContact
 
 
 if TYPE_CHECKING:
@@ -160,6 +160,12 @@ def run(*, argv: Optional[Sequence[str]] = None, **kwargs: Any) -> Union[int, No
     parser.add_argument('-c', action='store', dest='cpe_input_file', default='unknown',
                         help='cpe file from make show-info')
 
+    parser.add_argument('-s', action='store', dest='supplier_name', default='unknown',
+                        help='name of SBOM supplier')
+
+    parser.add_argument('-a', action='store', dest='author_name', default='unknown',
+                        help='name of SBOM author')
+
     args = parser.parse_args(argv)
 
     print('Buildroot manifest input file: ' + args.input_file)
@@ -168,11 +174,16 @@ def run(*, argv: Optional[Sequence[str]] = None, **kwargs: Any) -> Union[int, No
     print('SBOM Product Version: ' + args.product_version)
     print('SBOM Product Manufacturer: ' + args.manufacturer_name)
     print('Buildroot cpe input file: ' + args.cpe_input_file)
+    print('SBOM author: ' + args.author_name)
+    print('SBOM supplier: ' + args.supplier_name)
+
 
     br_bom = Bom()
     br_bom.metadata = BomMetaData(
         manufacturer=OrganizationalEntity(name=args.manufacturer_name),
-        component=Component(name=args.product_name, version=args.product_version)
+        component=Component(name=args.product_name, version=args.product_version),
+        supplier=OrganizationalEntity(name=args.supplier_name),
+        authors=[OrganizationalContact(name=args.author_name)]
     )
 
     br_bom = create_buildroot_sbom(str(args.input_file).strip(" "), str(args.cpe_input_file).strip(" "), br_bom)