kosli report evidence artifact pullrequest gitlab #
kosli report evidence artifact pullrequest gitlab is deprecated. See kosli attest commands. Deprecated commands will be removed in a future release.
Synopsis #
Report a Gitlab merge request evidence for an artifact in a Kosli flow.
It checks if a merge request exists for the artifact (based on its git commit) and reports the merge request evidence to the artifact in Kosli.
The artifact fingerprint can be provided directly with the --fingerprint
flag, or
calculated based on --artifact-type
flag.
Artifact type can be one of: "file" for files, "dir" for directories, "oci" for container images in registries or "docker" for local docker images.
kosli report evidence artifact pullrequest gitlab [IMAGE-NAME | FILE-PATH | DIR-PATH] [flags]
Flags #
Flag | Description |
---|---|
-t, --artifact-type string | The type of the artifact to calculate its SHA256 fingerprint. One of: [oci, docker, file, dir]. Only required if you want Kosli to calculate the fingerprint for you (i.e. when you don't specify '--fingerprint' on commands that allow it). |
--assert | [optional] Exit with non-zero code if no pull requests found for the given commit. |
-b, --build-url string | The url of CI pipeline that generated the evidence. (defaulted in some CIs: https://docs.kosli.com/ci-defaults ). |
--commit string | Git commit for which to find pull request evidence. (defaulted in some CIs: https://docs.kosli.com/ci-defaults ). |
-D, --dry-run | [optional] Run in dry-run mode. When enabled, no data is sent to Kosli and the CLI exits with 0 exit code regardless of any errors. |
--evidence-fingerprint string | [optional] The SHA256 fingerprint of the evidence file or dir. |
--evidence-url string | [optional] The external URL where the evidence file or dir is stored. |
-x, --exclude strings | [optional] The comma separated list of directories and files to exclude from fingerprinting. Can take glob patterns. Only applicable for --artifact-type dir. |
-F, --fingerprint string | [conditional] The SHA256 fingerprint of the artifact. Only required if you don't specify '--artifact-type'. |
-f, --flow string | The Kosli flow name. |
--gitlab-base-url string | [optional] Gitlab base URL (only needed for on-prem Gitlab installations). |
--gitlab-org string | Gitlab organization. (defaulted if you are running in Gitlab Pipelines: https://docs.kosli.com/ci-defaults ). |
--gitlab-token string | Gitlab token. |
-h, --help | help for gitlab |
-n, --name string | The name of the evidence. |
--registry-password string | [conditional] The container registry password or access token. Only required if you want to read container image SHA256 digest from a remote container registry. |
--registry-username string | [conditional] The container registry username. Only required if you want to read container image SHA256 digest from a remote container registry. |
--repository string | Git repository. (defaulted in some CIs: https://docs.kosli.com/ci-defaults ). |
-u, --user-data string | [optional] The path to a JSON file containing additional data you would like to attach to the evidence. |
Flags inherited from parent commands #
Flag | Description |
---|---|
-a, --api-token string | The Kosli API token. |
-c, --config-file string | [optional] The Kosli config file path. (default "kosli") |
--debug | [optional] Print debug logs to stdout. A boolean flag https://docs.kosli.com/faq/#boolean-flags (default false) |
-H, --host string | [defaulted] The Kosli endpoint. (default "https://app.kosli.com") |
--http-proxy string | [optional] The HTTP proxy URL including protocol and port number. e.g. 'http://proxy-server-ip:proxy-port' |
-r, --max-api-retries int | [defaulted] How many times should API calls be retried when the API host is not reachable. (default 3) |
--org string | The Kosli organization. |
Examples Use Cases #
report a merge request evidence to kosli for a docker image
kosli report evidence artifact mergerequest gitlab yourDockerImageName \
--artifact-type docker \
--build-url https://exampleci.com \
--name yourEvidenceName \
--flow yourFlowName \
--gitlab-token yourGitlabToken \
--gitlab-org yourGitlabOrg \
--commit yourArtifactGitCommit \
--repository yourGithubGitRepository \
--org yourOrgName \
--api-token yourAPIToken
report a merge request evidence (from an on-prem Gitlab) to kosli for a docker image
kosli report evidence artifact mergerequest gitlab yourDockerImageName \
--artifact-type docker \
--build-url https://exampleci.com \
--name yourEvidenceName \
--flow yourFlowName \
--gitlab-base-url https://gitlab.example.org \
--gitlab-token yourGitlabToken \
--gitlab-org yourGitlabOrg \
--commit yourArtifactGitCommit \
--repository yourGithubGitRepository \
--org yourOrgName \
--api-token yourAPIToken
fail if a merge request does not exist for your artifact
kosli report evidence artifact mergerequest gitlab yourDockerImageName \
--artifact-type docker \
--build-url https://exampleci.com \
--flow yourFlowName \
--gitlab-token yourGitlabToken \
--gitlab-org yourGitlabOrg \
--commit yourArtifactGitCommit \
--repository yourGithubGitRepository \
--org yourOrgName \
--api-token yourAPIToken \
--assert