kosli assert artifact
#
Synopsis
#
Assert the compliance status of an artifact in Kosli.
Exits with non-zero code if the artifact has a non-compliant status.
kosli assert artifact [IMAGE-NAME | FILE-PATH | DIR-PATH] [flags]
Flags
#
Flag |
Description |
-t, --artifact-type string |
[conditional] The type of the artifact to calculate its SHA256 fingerprint. One of: [docker, file, dir]. Only required if you don't specify '--sha256' or '--fingerprint'. |
-D, --dry-run |
[optional] Run in dry-run mode. When enabled, no data is sent to Kosli and the CLI exits with 0 exit code regardless of any errors. |
-h, --help |
help for artifact |
-p, --pipeline string |
The Kosli pipeline name. |
--registry-password string |
[conditional] The docker registry password or access token. Only required if you want to read docker image SHA256 digest from a remote docker registry. |
--registry-provider string |
[conditional] The docker registry provider or url. Only required if you want to read docker image SHA256 digest from a remote docker registry. |
--registry-username string |
[conditional] The docker registry username. Only required if you want to read docker image SHA256 digest from a remote docker registry. |
-s, --sha256 string |
[conditional] The SHA256 fingerprint for the artifact. Only required if you don't specify '--artifact-type'. |
Options inherited from parent commands
#
Flag |
Description |
-a, --api-token string |
The Kosli API token. |
-c, --config-file string |
[optional] The Kosli config file path. (default "kosli") |
--debug |
[optional] Print debug logs to stdout. |
-H, --host string |
[defaulted] The Kosli endpoint. (default "https://app.kosli.com") |
-r, --max-api-retries int |
[defaulted] How many times should API calls be retried when the API host is not reachable. (default 3) |
--owner string |
The Kosli user or organization. |
Examples
#
# fail if an artifact has a non-compliant status (using the artifact fingerprint)
kosli assert artifact \
--sha256 184c799cd551dd1d8d5c5f9a5d593b2e931f5e36122ee5c793c1d08a19839cc0 \
--pipeline yourPipelineName \
--api-token yourAPIToken \
--owner yourOrgName
# fail if an artifact has a non-compliant status (using the artifact name and type)
kosli assert artifact library/nginx:1.21 \
--artifact-type docker \
--pipeline yourPipelineName \
--api-token yourAPIToken \
--owner yourOrgName