buoyant.io

Downloading SBOMs

Releases of Buoyant Enterprise for Linkerd are accompanied by supply chain metadata. While the preferred way to access this metadata is as attestations on the build artifacts, SBOMs can also be downloaded directly.

To download SBOMs for the latest release:

# Docker image SBOMs
for component in controller extension-init proxy proxy-init; do
  for suffix in "" -fips; do
    filename=$component-enterprise-2.19.4$suffix.spdx.json
    curl -sLO https://github.com/BuoyantIO/linkerd-buoyant/releases/download/enterprise-2.19.4/$filename
  done
done

# Rust SBOMs
for component in extension-init controller proxy; do
  filename=enterprise-linkerd.$component.enterprise-2.19.4.spdx.json
  curl -sLO https://github.com/BuoyantIO/linkerd-buoyant/releases/download/enterprise-2.19.4/$filename
done

# BEL code repo SBOM
curl -sLO https://github.com/BuoyantIO/linkerd-buoyant/releases/download/enterprise-2.19.4/enterprise-linkerd.enterprise-2.19.4.spdx.json