What's supported by Harness SSCA
For information about what's supported for other Harness modules and the Harness Platform overall, go to Supported platforms and technologies.
The Harness SSCA module supports the following components and standards.
SBOM tools
SBOM formats
- SPDX
- CycloneDX
Artifact repositories
- Docker Hub
- GCR
- Amazon ECR
SLSA compliance level
- Level 3, when used along with Harness CI Hosted Builds.
You can generate and sign provenance as per the SLSA v1.0 spec to achieve Level 3 compliance.
Attestation/Provenance generation & verification tools
Policy enforcement attributes
- Component name
- Component version
- License
- Supplier
- PURL