I have a question about generating some files with

adhoc_tool

to be checked back into the repo; specifically, I’m building a Docker image and then generating an SBOM for it with

syft

. I’ve gotten as far as this BUILD file:

system_binary(
    name="syft",
    binary_name="syft",
    # example syft version output:
        # Application: syft
        # Version:    0.96.0
        # BuildDate:  2023-11-08T23:13:04Z
        # GitCommit:  Homebrew
        # GitDescription: [not provided]
        # Platform:   darwin/arm64
        # GoVersion:  go1.21.4
        # Compiler:   gc
    fingerprint=r"^Application: syft\nVersion:\s+0\..*",
    fingerprint_args=["version"]
)

adhoc_tool(
    name="generate",
    runnable=":syft",
    args=["packages", "--output spdx-json=mycobase.spdx.json" "docker:mycobase:latest"],
    execution_dependencies=["src/docker/mycobase/Dockerfile"],
    output_files=["mycobase.spdx.json"],
)

but I’m not sure where to go from here. Pants tells me that

pants run sbom:generate

is not valid because an

adhoc_tool

target is not runnable. Do I need to add an additional

run_shell

target or something that will copy the files out, or is there some other better way of doing this I’m missing?

Yeah, for now you need to do something like what you say. What we do is written in https://github.com/pantsbuild/pants/discussions/18235#discussioncomment-6655594

Thank you, that’s perfect! The shell test to have a way to check if there’s a diff between what’s checked in is handy as well 🙂