-t, --artifact-type string |
[conditional] The type of the artifact to calculate its SHA256 fingerprint. One of: [docker, file, dir]. Only required if you don't specify '--fingerprint'. |
--attachments strings |
[optional] The comma-separated list of paths of attachments for the reported attestation. Attachments can be files or directories. All attachments are compressed and uploaded to Kosli's evidence vault. |
-g, --commit string |
[optional] The git commit associated to the attestation. (defaulted in some CIs: https://docs.kosli.com/ci-defaults ). |
-C, --compliant |
[defaulted] Whether the attestation is compliant or not. A boolean flag https://docs.kosli.com/faq/#boolean-flags (default true) |
--description string |
[optional] attestation description |
-D, --dry-run |
[optional] Run in dry-run mode. When enabled, no data is sent to Kosli and the CLI exits with 0 exit code regardless of any errors. |
-x, --exclude strings |
[optional] The comma separated list of directories and files to exclude from fingerprinting. Can take glob patterns. Only applicable for --artifact-type dir. |
--external-fingerprint stringToString |
[optional] A SHA256 fingerprint of an external attachment represented by --external-url. The format is label=fingerprint (labels cannot contain '.' or '='). This flag can be set multiple times. There must be an external url with a matching label for each external fingerprint. |
--external-url stringToString |
[optional] Add labeled reference URL for an external resource. The format is label=url (labels cannot contain '.' or '='). This flag can be set multiple times. If the resource is a file or dir, you can optionally add its fingerprint via --external-fingerprint |
-F, --fingerprint string |
[optional] The SHA256 fingerprint of the artifact to attach the attestation to. |
-f, --flow string |
The Kosli flow name. |
-h, --help |
help for generic |
-n, --name string |
The name of the attestation as declared in the flow or trail yaml template. |
-o, --origin-url string |
[optional] The url pointing to where the attestation came from or is related. (defaulted to the CI url in some CIs: https://docs.kosli.com/ci-defaults ). |
--registry-password string |
[conditional] The docker registry password or access token. Only required if you want to read docker image SHA256 digest from a remote docker registry. |
--registry-provider string |
[conditional] The docker registry provider or url. Only required if you want to read docker image SHA256 digest from a remote docker registry. |
--registry-username string |
[conditional] The docker registry username. Only required if you want to read docker image SHA256 digest from a remote docker registry. |
--repo-root string |
[defaulted] The directory where the source git repository is available. Only used if --commit is used. (default ".") |
-T, --trail string |
The Kosli trail name. |
-u, --user-data string |
[optional] The path to a JSON file containing additional data you would like to attach to the attestation. |