add link to datadog-ci readme for sbom generation

jbcibois-ddhq · jbcibois-ddhq · commit f2c1f5786e22 · 2025-11-27T17:16:31.000+01:00
diff --git a/content/en/security/code_security/software_composition_analysis/setup_static/_index.md b/content/en/security/code_security/software_composition_analysis/setup_static/_index.md
@@ -270,13 +270,20 @@ You can upload SBOMs generated by other tools if they meet these requirements:
 
 Third-party SBOM files are uploaded to Datadog using the [`datadog-ci`](https://github.com/DataDog/datadog-ci/?tab=readme-ov-file#how-to-install-the-cli) command.
 
+You can find optional arguments and other information in the `datadog-ci` [README][22].
+
 You can use the following command to upload your third-party SBOM. Ensure the environment variables `DD_API_KEY`, `DD_APP_KEY`, and `DD_SITE`
 are set to your API key, APP key, and [Datadog site][12], respectively.
 
 ```bash
 datadog-ci sbom upload /path/to/third-party-sbom.json
 ```
 
+<div class="alert alert-info">
+If you already have automatic scanning enabled for a repository, a manual upload will replace any existing result for that commit.
+</div>
+
+
 ## Link results to Datadog services and teams
 
 ### Link results to services
@@ -431,4 +438,4 @@ Datadog stores findings in accordance with our [Data Rentention Periods](https:/
 [19]: https://cyclonedx.org/docs/1.5/json/
 [20]: https://cyclonedx.org/docs/1.6/json/
 [21]: https://docs.github.com/en/repositories/working-with-files/managing-large-files/about-git-large-file-storage
-
+[22]: https://github.com/DataDog/datadog-ci/tree/master/packages/plugin-sbom
