Step 2: Add SBOM Parts to the Bucket
| • | Importing SBOM Parts from SBOM Data Sources |
| • | Manually Creating SBOM Parts |
A bucket can contain any combination of parts imported from one or more sources, as well as parts that are manually created in SBOM Management.
Importing SBOM Parts from SBOM Data Sources
A common and easy way to add SBOM parts to a bucket is to import an SBOM data file. You can import SBOM parts from the following sources:
| • | Any SBOM data file in SPDX v2.2 (.spdx) or CycloneDX v1.4 (.json or .xml) format |
| • | A Revenera Code Insight project export data file (.json) |
This walk-through focuses on importing SBOM parts from one source. However, you can perform imports from multiple sources for your SBOM using the same set of instructions.
To import an existing SBOM:
| 1. | Open the Manage Buckets page (SBOM Management > Manage Buckets). |
| 2. | Locate the bucket into which you want to import parts, click menu icon  at the end of its row, and select Import SBOM. The Import SBOM slideout is opened. |
| 3. | Identify the SBOM data file whose contents you are importing. Use one of these methods: |
| • | In a File Explorer file manager instance currently open, locate the SBOM data file, and drag and drop it into the box indicated on the Import SBOM page. |
| • | Click anywhere within the indicated box on the Import SBOM slideout to open a new instance of the File Explorer or file manager. Within the Explorer or file manager, locate and select the SBOM data file and double-click it (or select Open) to add it to the box. |
| 4. | Click Import. |
The Jobs page (SBOM Management > Jobs) is automatically opened so that you can view the status of your import job.
Once the job is complete, you can view the imported SBOM parts, as described in Step 3: View Your SBOM.
You can click the Create SBOM Part button on the Manage SBOM Parts page to manually create a part to add to a bucket. For example, you can create a part representing a component version not found in the SBOM you imported or a part (such as a code fragment or an image file) not typically identified as a component.
This walk-through does not explain how to create a part manually, but you can refer to Creating an SBOM Part Manually for more information.