kosli fingerprint #
Synopsis #
Calculate the SHA256 fingerprint of an artifact.
Requires --artifact-type flag to be set.
Artifact type can be one of: "file" for files, "dir" for directories, "docker" for docker images.
Fingerprinting docker images can be done using the local docker daemon or the fingerprint can be fetched from a remote registry.
When fingerprinting a 'dir' artifact, you can exclude certain paths from fingerprint calculation
using the --exclude flag.
Excluded paths are relative to the DIR-PATH and can be literal paths or
glob patterns.
The supported glob pattern syntax is what is documented here: https://pkg.go.dev/path/filepath#Match ,
plus the ability to use recursive globs "**"
To specify paths in a directory artifact that should always be excluded from the SHA256 calculation, you can add a .kosli_ignore file to the root of the artifact.
Each line should specify a relative path or path glob to be ignored. You can include comments in this file, using #.
The .kosli_ignore will be treated as part of the artifact like any other file,unless it is explicitly ignored itself.
kosli fingerprint {IMAGE-NAME | FILE-PATH | DIR-PATH} [flags]
Flags #
| Flag | Description |
|---|---|
| -t, --artifact-type string | The type of the artifact to calculate its SHA256 fingerprint. One of: [docker, file, dir]. Only required if you want Kosli to calculate the fingerprint for you (i.e. when you don't specify '--fingerprint' on commands that allow it). |
| -x, --exclude strings | [optional] The comma separated list of directories and files to exclude from fingerprinting. Can take glob patterns. Only applicable for --artifact-type dir. |
| -h, --help | help for fingerprint |
| --registry-password string | [conditional] The docker registry password or access token. Only required if you want to read docker image SHA256 digest from a remote docker registry. |
| --registry-provider string | [conditional] The docker registry provider or url. Only required if you want to read docker image SHA256 digest from a remote docker registry. |
| --registry-username string | [conditional] The docker registry username. Only required if you want to read docker image SHA256 digest from a remote docker registry. |
Flags inherited from parent commands #
| Flag | Description |
|---|---|
| -a, --api-token string | The Kosli API token. |
| -c, --config-file string | [optional] The Kosli config file path. (default "kosli") |
| --debug | [optional] Print debug logs to stdout. A boolean flag https://docs.kosli.com/faq/#boolean-flags (default false) |
| -H, --host string | [defaulted] The Kosli endpoint. (default "https://app.kosli.com") |
| --http-proxy string | [optional] The HTTP proxy URL including protocol and port number. e.g. 'http://proxy-server-ip:proxy-port' |
| -r, --max-api-retries int | [defaulted] How many times should API calls be retried when the API host is not reachable. (default 3) |
| --org string | The Kosli organization. |
Examples Use Cases #
fingerprint a file
kosli fingerprint --artifact-type file file.txt
fingerprint a dir
kosli fingerprint --artifact-type dir mydir
fingerprint a dir while excluding paths
kosli fingerprint --artifact-type dir --exclude logs --exclude *.exe mydir
fingerprint a locally available docker image
kosli fingerprint --artifact-type docker nginx:latest
