View Applications from Source Repositories

To work with source repository data, you must first use AnchoreCTL or the Anchore API to load the source repository into the Applications view of Enterprise.

Once your data is brought in, you can go to the Applications tab to see the summary of the information. The information is categorized by applications, with sub-categories of application versions available from source repositories.

Source Repository Application Summary

When you select an application version, you will see a list of artifacts associated with that application version.

Source Repository

You can download a report in JSON format for everything in an application. Or, you can download a report for everything in an artifact.

Source Repository SBOM Report

When you select an artifact link, you will see the analysis options for that artifact. You can then view information about the artifact, such as the policies set up, the vulnerabilities, software bill of materials (SBOM) contents, and source metadata information.

Source Repositories Analysis

If you want to set up policies and policy bundles, as well as mappings for an artifact, select the Policies tab and set them up there.

For information about policies, see Policies. For information about adding policy mapping, see Policy Mappings.

Policies

Last modified March 22, 2022