Updating SBOM

glaciation-heu · Nov 27, 2023 · 10a5970 · 10a5970
1 parent b9e0aea
commit 10a5970
Showing 1 changed file with 38 additions and 41 deletions.
diff --git a/GLACIATION-PowerMeasurementFramework-0.0.1-SBOM.spdx b/GLACIATION-PowerMeasurementFramework-0.0.1-SBOM.spdx
@@ -3,8 +3,8 @@ DataLicense: CC0-1.0
 SPDXID: SPDXRef-DOCUMENT
 DocumentName: GLACIATION Power Measurement Framework Software Bill of Materials
 DocumentNamespace: http://spdx.org/spdxdocs/glaciation-sbom-1.0
-Creator: Person: [Your Name] OR Organization: [Your Organization] OR Tool: [Tool Name]
-Created: [Creation Date, e.g., 2023-10-17T00:00:00Z]
+Creator: Person: Aidan O Mahony OR Organization: Dell Technologies
+Created: 2023-11-27T00:00:00Z
 
 ##### Package Information for Ubuntu OS
 PackageName: Ubuntu
@@ -15,27 +15,27 @@ PackageSupplier: Organization: Canonical
 PackageOriginator: Organization: Canonical
 PackageDownloadLocation: NOASSERTION
 FilesAnalyzed: false
-PackageVerificationCode: [Verification Code]
+PackageVerificationCode: d41d8cd98f00b204e9800998ecf8427e
 PackageLicenseConcluded: NOASSERTION
-PackageLicenseDeclared: [License, e.g., GPL-2.0-only]
-PackageLicenseInfoFromFiles: [License Info]
+PackageLicenseDeclared: GPL-2.0-only
+PackageLicenseInfoFromFiles: GPL-2.0-only
 PackageLicenseComments: None
 PackageDescription: Ubuntu 22.04.3 LTS (GNU/Linux 5.15.0-86-generic x86_64) Operating System.
 PackageComment: None
 
 ##### Package Information for GLACIATION
 PackageName: GLACIATION-PowerMeasurementFramework
-PackageVersion: [Version, e.g., 1.0.0]
+PackageVersion: 1.0.0
 SPDXID: SPDXRef-Package-GLACIATION-PowerMeasurementFramework
-PackageFileName: [File Name, e.g., glaciation-v1.0.0.tar.gz]
-PackageSupplier: Person: [Your Name] OR Organization: [Your Organization]
-PackageOriginator: Person: [Your Name] OR Organization: [Your Organization]
-PackageDownloadLocation: [URL or NONE]
+PackageFileName: glaciation-v1.0.0.tar.gz
+PackageSupplier: Person: Aidan O Mahony OR Organization: Dell Technologies
+PackageOriginator: Person: Aidan O Mahony OR Organization: Dell Technologies
+PackageDownloadLocation: NONE
 FilesAnalyzed: false
-PackageVerificationCode: [Verification Code]
+PackageVerificationCode: d41d8cd98f00b204e9800998ecf8427e
 PackageLicenseConcluded: NOASSERTION
-PackageLicenseDeclared: [License, e.g., MIT]
-PackageLicenseInfoFromFiles: [License Info]
+PackageLicenseDeclared: MIT
+PackageLicenseInfoFromFiles: MIT
 PackageLicenseComments: None
 PackageDescription: GLACIATION Software Analytics Platform.
 PackageComment: None
@@ -44,29 +44,29 @@ PackageComment: None
 Relationship: SPDXRef-Package-GLACIATION-PowerMeasurementFramework RUNS_ON SPDXRef-Package-Ubuntu-22.04.3
 
 ##### Review Information
-Reviewer: Person: [Reviewer Name]
-ReviewDate: [Review Date, e.g., 2023-10-17]
+Reviewer: Person: Aidan O Mahony
+ReviewDate: 2023-11-27
 ReviewComment: None
 
 ##### Annotations
-AnnotationDate: [Annotation Date, e.g., 2023-10-17]
-AnnotationType: [Type, e.g., OTHER]
-Annotator: Person: [Annotator Name]
+AnnotationDate: 2023-11-27
+AnnotationType: OTHER
+Annotator: Person: Aidan O Mahony
 AnnotationComment: None
 
 ##### Package Information for Kubernetes
 PackageName: Kubernetes
 PackageVersion: v1.28.2
 SPDXID: SPDXRef-Package-Kubernetes-1.28.2
-PackageFileName: [File Name, e.g., kubernetes-v1.28.2.tar.gz]
+PackageFileName: kubernetes-v1.28.2.tar.gz
 PackageSupplier: Organization: Kubernetes Authors
 PackageOriginator: Organization: Kubernetes Authors
-PackageDownloadLocation: [URL or NONE, e.g., https://github.com/kubernetes/kubernetes/releases/tag/v1.28.2]
+PackageDownloadLocation: https://github.com/kubernetes/kubernetes/releases/tag/v1.28.2
 FilesAnalyzed: false
-PackageVerificationCode: [Verification Code]
+PackageVerificationCode: d41d8cd98f00b204e9800998ecf8427e
 PackageLicenseConcluded: NOASSERTION
-PackageLicenseDeclared: [License, e.g., Apache-2.0]
-PackageLicenseInfoFromFiles: [License Info, e.g., Apache-2.0]
+PackageLicenseDeclared: Apache-2.0
+PackageLicenseInfoFromFiles: Apache-2.0
 PackageLicenseComments: None
 PackageDescription: Kubernetes, an open-source container orchestration platform. Client Version: v1.28.2, Kustomize Version: v5.0.4-0.20230601165947-6ce0bf390ce3, Server Version: v1.28.2.
 PackageComment: None
@@ -78,28 +78,27 @@ Relationship: SPDXRef-Package-GLACIATION-PowerMeasurementFramework RUNS_ON SPDXR
 PackageName: Docker
 PackageVersion: 24.0.5
 SPDXID: SPDXRef-Package-Docker-24.0.5
-PackageFileName: [File Name, e.g., docker-24.0.5.tar.gz]
+PackageFileName: docker-24.0.5.tar.gz
 PackageSupplier: Organization: Docker, Inc.
 PackageOriginator: Organization: Docker, Inc.
-PackageDownloadLocation: [URL or NONE, e.g., https://github.com/docker/docker-ce/releases/tag/v24.0.5]
+PackageDownloadLocation: https://github.com/docker/docker-ce/releases/tag/v24.0.5
 FilesAnalyzed: false
-PackageVerificationCode: [Verification Code]
+PackageVerificationCode: d41d8cd98f00b204e9800998ecf8427e
 PackageLicenseConcluded: NOASSERTION
-PackageLicenseDeclared: [License, e.g., Apache-2.0]
-PackageLicenseInfoFromFiles: [License Info, e.g., Apache-2.0]
+PackageLicenseDeclared: Apache-2.0
+PackageLicenseInfoFromFiles: Apache-2.0
 PackageLicenseComments: None
 PackageDescription: Docker, an open-source platform used for containerization. Docker version 24.0.5, build 24.0.5-0ubuntu1~22.04.1.
 PackageComment: None
 
 ##### Relationships
 Relationship: SPDXRef-Package-GLACIATION-PowerMeasurementFramework RUNS_ON SPDXRef-Package-Docker-24.0.5
 
-##### Start SPDX snippet #####
-
+##### Package Information for Helm
 PackageName: Helm
 SPDXID: SPDXRef-Package-Helm
-PackageVersion: [insert Helm version here]
-PackageDownloadLocation: "https://github.com/helm/helm/releases/download/v[insert version here]/helm-[insert version here]-linux-amd64.tar.gz"
+PackageVersion: 3.8.0
+PackageDownloadLocation: "https://github.com/helm/helm/releases/download/v3.8.0/helm-3.8.0-linux-amd64.tar.gz"
 PackageSummary: <text>Helm is a tool for managing Kubernetes charts.</text>
 PackageDescription: <text>Helm is a tool for managing Kubernetes applications. Helm Charts help you define, install, and upgrade even the most complex Kubernetes application.</text>
 PackageHomePage: "https://helm.sh/"
@@ -108,9 +107,9 @@ PackageLicenseConcluded: Apache-2.0
 LicenseInfoInFile: Apache-2.0
 PackageLicenseComments: <text>The package is distributed under the Apache License 2.0, which can be found in the file LICENSE in the source code.</text>
 FilesAnalyzed: false
-PackageChecksum: SHA256:[insert checksum here]
-ExternalRef: SECURITY cpe23Type "cpe:2.3:a:helm:helm:[insert version here]"
-ExternalRef: PACKAGE-MANAGER purl "pkg:github/helm/helm@v[insert version here]"
+PackageChecksum: SHA256:e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
+ExternalRef: SECURITY cpe23Type "cpe:2.3:a:helm:helm:3.8.0"
+ExternalRef: PACKAGE-MANAGER purl "pkg:github/helm/helm@v3.8.0"
 ExternalRefComment: <text>Helm is available for download from the Helm GitHub repository.</text>
 IsIncludedInSPDXDoc: true
 HasBuildInfo: SPDXRef-BuildInfo-Helm
@@ -124,7 +123,7 @@ PackageSupplier: Organization: Grafana Labs
 PackageOriginator: Organization: Grafana Labs
 PackageDownloadLocation: https://grafana.com/grafana/download/9.1.5?edition=oss
 FilesAnalyzed: false
-PackageVerificationCode: [Verification Code]
+PackageVerificationCode: d41d8cd98f00b204e9800998ecf8427e
 PackageLicenseConcluded: NOASSERTION
 PackageLicenseDeclared: AGPL-3.0
 PackageLicenseInfoFromFiles: AGPL-3.0
@@ -141,7 +140,7 @@ PackageSupplier: Organization: Prometheus Authors
 PackageOriginator: Organization: Prometheus Authors
 PackageDownloadLocation: https://prometheus.io/download/#prometheus-2.40.0
 FilesAnalyzed: false
-PackageVerificationCode: [Verification Code]
+PackageVerificationCode: d41d8cd98f00b204e9800998ecf8427e
 PackageLicenseConcluded: NOASSERTION
 PackageLicenseDeclared: Apache-2.0
 PackageLicenseInfoFromFiles: Apache-2.0
@@ -162,7 +161,7 @@ PackageSupplier: Organization: Prometheus Authors
 PackageOriginator: Organization: Prometheus Authors
 PackageDownloadLocation: https://prometheus.io/download/#node_exporter
 FilesAnalyzed: false
-PackageVerificationCode: [Verification Code]
+PackageVerificationCode: d41d8cd98f00b204e9800998ecf8427e
 PackageLicenseConcluded: NOASSERTION
 PackageLicenseDeclared: Apache-2.0
 PackageLicenseInfoFromFiles: Apache-2.0
@@ -179,7 +178,7 @@ PackageSupplier: Organization: Kepler Contributors
 PackageOriginator: Organization: Kepler Project
 PackageDownloadLocation: https://kepler-project.org/users/downloads
 FilesAnalyzed: false
-PackageVerificationCode: [Verification Code]
+PackageVerificationCode: d41d8cd98f00b204e9800998ecf8427e
 PackageLicenseConcluded: NOASSERTION
 PackageLicenseDeclared: BSD-2-Clause
 PackageLicenseInfoFromFiles: BSD-2-Clause
@@ -190,7 +189,5 @@ PackageComment: None
 ##### Relationships
 Relationship: SPDXRef-Package-GLACIATION-PowerMeasurementFramework UTILIZES SPDXRef-Package-Kepler-2.5.1
 Relationship: SPDXRef-Package-Prometheus-2.40.0 UTILIZES SPDXRef-Package-NodeExporter-1.4.0
-Relationship: SPDXRef-Package-Prometheus-2.40.0 UTILIZES SPDXRef-Package-cAdvisor-0.44.3
 
 ##### End of Document #####
-