Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.kosli.com/llms.txt

Use this file to discover all available pages before exploring further.

Synopsis

kosli evaluate trails TRAIL-NAME [TRAIL-NAME...] [flags]
[BETA] Evaluate multiple trails against a policy. Fetch multiple trails from Kosli and evaluate them together against a Rego policy. The trail data is passed to the policy as input.trails (an array), unlike evaluate trail which passes input.trail (a single object). Use --attestations to enrich the input with detailed attestation data (e.g. pull request approvers, scan results). Use --show-input to inspect the full data structure available to the policy. Use --output json for structured output.

Flags

FlagDescription
—assert[optional] Exit with a non-zero status when the policy denies. This is the current default; pass —assert to lock it in across future releases.
—attestations strings[optional] Limit which attestations are included. Plain name for trail-level, dot-qualified (artifact.name) for artifact-level.
-f, —flow stringThe Kosli flow name.
-h, —helphelp for trails
—no-assert[optional] Print the result and always exit 0, even when the policy denies. Use when this command feeds another tool as a policy decision point.
-o, —output string[defaulted] The format of the output. Valid formats are: [table, json]. (default “table”)
—params string[optional] Policy parameters as inline JSON or @file.json. Available in policies as data.params.
-p, —policy stringPath to a Rego policy file to evaluate against the trails.
—show-input[optional] Include the policy input data in the output.

Flags inherited from parent commands

FlagDescription
-a, —api-token stringThe Kosli API token.
-c, —config-file string[optional] The Kosli config file path. (default “kosli”)
—debug[optional] Print debug logs to stdout. A boolean flag docs (default false)
-H, —host string[defaulted] The Kosli endpoint. (default “https://app.kosli.com”)
—http-proxy string[optional] The HTTP proxy URL including protocol and port number. e.g. http://proxy-server-ip:proxy-port
-r, —max-api-retries int[defaulted] How many times should API calls be retried when the API host is not reachable. (default 3)
—org stringThe Kosli organization.

Examples Use Cases

These examples all assume that the flags --api-token, --org, --host, (and --flow, --trail when required), are set/provided. 
kosli evaluate trails yourTrailName1 yourTrailName2
	--policy yourPolicyFile.rego


kosli evaluate trails yourTrailName1 yourTrailName2
	--policy yourPolicyFile.rego
	--attestations pull-request


kosli evaluate trails yourTrailName1 yourTrailName2
	--policy yourPolicyFile.rego
	--show-input
	--output json


kosli evaluate trails yourTrailName1 yourTrailName2
	--policy yourPolicyFile.rego
	--params '{"min_approvers": 2}'


kosli evaluate trails yourTrailName1 yourTrailName2
	--policy yourPolicyFile.rego
	--no-assert
Last modified on May 8, 2026