Documentation
¶
Overview ¶
Copyright (C) 2024 Tim Bastin, l3montree GmbH
This program is free software: you can redistribute it and/or modify it under the terms of the GNU Affero General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.
This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Affero General Public License for more details.
You should have received a copy of the GNU Affero General Public License along with this program. If not, see <https://www.gnu.org/licenses/>.
Index ¶
- Variables
- func Execute()
- func NewAttestCommand() *cobra.Command
- func NewAttestationCommand() *cobra.Command
- func NewCleanCommand() *cobra.Command
- func NewContainerScanningCommand() *cobra.Command
- func NewCurlCommand() *cobra.Command
- func NewDiscoverBaseImageAttestationsCommand() *cobra.Command
- func NewGenerateTagCommand() *cobra.Command
- func NewGetCommand() *cobra.Command
- func NewIaCCommand() *cobra.Command
- func NewInspectCommand() *cobra.Command
- func NewLoginCommand() *cobra.Command
- func NewMergeSBOMSCommand() *cobra.Command
- func NewSCACommand() *cobra.Command
- func NewSarifCommand() *cobra.Command
- func NewSastCommand() *cobra.Command
- func NewSbomCommand() *cobra.Command
- func NewSecretScanningCommand() *cobra.Command
- func NewSignCommand() *cobra.Command
- func NewSlugCommand() *cobra.Command
- func NewVexCommand() *cobra.Command
- type CurlOptions
- type MergeSBOMsConfigFile
Constants ¶
This section is empty.
Variables ¶
var RootCmd = &cobra.Command{ SilenceUsage: true, Use: "devguard-scanner", Short: "Secure your Software Supply Chain", Version: version, DisableAutoGenTag: true, Long: `Secure your Software Supply Chain DevGuard Scanner is a small CLI to help generate, sign and upload SBOMs, SARIF reports and attestations to a DevGuard backend. Use commands like 'sca', 'sarif', and 'attest' to interact with the platform. Configuration can be provided via a ./.devguard config file or environment variables (prefix DEVGUARD_).`, Example: ` # Run Software Composition Analysis on a container image devguard-scanner sca ghcr.io/org/image:tag # Run SCA on a local project directory devguard-scanner sca ./path/to/project # Create and upload an attestation devguard-scanner attest predicate.json ghcr.io/org/image:tag --predicateType https://cyclonedx.org/vex/1.0 # Upload a SARIF report devguard-scanner sarif results.sarif.json`, PersistentPreRunE: func(cmd *cobra.Command, args []string) error { level, err := cmd.Flags().GetString("logLevel") if err != nil { return err } switch level { case "debug": initLogger(slog.LevelDebug) case "info": initLogger(slog.LevelInfo) case "warn": initLogger(slog.LevelWarn) case "error": initLogger(slog.LevelError) default: initLogger(slog.LevelInfo) } if utils.RunsInCI() { slog.Debug("Running in CI") err := utils.GitLister.MarkAllPathsAsSafe() if err != nil { slog.Debug("could not mark all paths as safe", "err", err) } } err = initializeConfig(cmd) if err != nil { return err } return nil }, }
Functions ¶
func NewAttestCommand ¶
func NewAttestationCommand ¶
func NewCleanCommand ¶ added in v0.17.0
NewCleanCommand returns a command that wraps `cosign remove` to clean attestations/signatures. It exposes the same --key and --yes flags as cosign for familiarity.
func NewCurlCommand ¶ added in v0.17.0
func NewDiscoverBaseImageAttestationsCommand ¶ added in v0.19.0
func NewGenerateTagCommand ¶
func NewGetCommand ¶ added in v0.17.0
func NewIaCCommand ¶ added in v0.17.0
func NewInspectCommand ¶
func NewLoginCommand ¶
func NewMergeSBOMSCommand ¶ added in v0.18.7
func NewSCACommand ¶
func NewSarifCommand ¶ added in v0.17.0
func NewSastCommand ¶ added in v0.17.0
func NewSbomCommand ¶ added in v0.17.0
func NewSecretScanningCommand ¶ added in v0.17.0
func NewSignCommand ¶
func NewSlugCommand ¶ added in v0.17.0
func NewVexCommand ¶ added in v0.19.0
Types ¶
type CurlOptions ¶ added in v0.17.0
type CurlOptions struct {
// contains filtered or unexported fields
}
Source Files
Directories