carbon-black-cloud-container-cli

command module

v1.9.2 Latest Latest Go to latest Published: Apr 10, 2023 License: Apache-2.0 Imports: 3 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/vmware/carbon-black-cloud-container-cli

Links

Open Source Insights

README ¶

carbon-black-cloud-container-cli

carbon-black-cloud-container-cli (also known as cbctl) is a CLI tool that can be used to scan any container-based images in the command line or in CI/CD pipelines.

Get started

Build the CLI binary

To Linux:

CGO_ENABLED=0 GOOS=linux GOARCH=amd64 \
  go build  \
   -tags="containers_image_openpgp exclude_graphdriver_devicemapper exclude_graphdriver_btrfs" \
   -ldflags "-X 'github.com/vmware/carbon-black-cloud-container-cli/internal/version.version=${version}' \
             -X 'github.com/vmware/carbon-black-cloud-container-cli/internal/version.buildDate=${build_date}'" \
   main.go

To MacOS:

CGO_ENABLED=0 GOOS=darwin GOARCH=amd64 \
  go build  \
   -tags="containers_image_openpgp exclude_graphdriver_devicemapper exclude_graphdriver_btrfs" \
   -ldflags "-X 'github.com/vmware/carbon-black-cloud-container-cli/internal/version.version=${version}' \
             -X 'github.com/vmware/carbon-black-cloud-container-cli/internal/version.buildDate=${build_date}'" \
   main.go

CLI binary reference

The detailed usage of cbctl can be found here: Carbon Black Container CLI

Package usage

We exposed bom generation and scan image functions for convenient image scanning process, you can follow the following steps to get started:

Import the package

$ go get -u github.com/vmware/carbon-black-cloud-container-cli

How to take use of CLI packages?

Create a pair of API ID & Key with workloads.container.image (CREATE and READ permissions) access level in Carbon Black Cloud console
Create a RegistryHandler for generating Software Bill of Materials (SBOM) from user's input:
1. Create RegistryHandler: registryHandler := scan.NewRegistryHandler()
2. Get the SBOM (options can be checked below): sbom, err := registryHandler.Generate(input, scan.Option)
Create a ScanHandler for scanning vulnerabilities from SBOM:
1. Create ScanHandler: scanHandler := scan.NewScanHandler(<CBC_saasURL>, <CBC_orgKey>, <apiID>, <apiKey>, <sbom>);
2. Scan the SBOM (options can be checked below): scannedImage, err := scanHandler.Scan(scan.Option)

Scan options

Option Name	Type	Description
ForceScan	bool	Force scan an image no matter it is scanned or not
Credential	string	The auth string used for login to registry, format: `USERNAME[:PASSWORD]`
FullTag	string	The tag set to override in the image
UseDockerDaemon	bool	Use docker daemon to pull the image
ShouldCleanup	bool	Delete the docker image pulled by docker (should only be used when `UserDockerDaemon` is `true`)
Timeout	int	The duration (second) for the scan

Contributing

Please follow CONTRIBUTING.md

License

Apache-2.0

Documentation ¶

There is no documentation for this package.

Source Files ¶

View all Source files

main.go

Directories ¶

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL

Path	Synopsis
cmd Package cmd manages the command-line interface and all of its subcommands.	Package cmd manages the command-line interface and all of its subcommands.
auth Package auth manages the credentials subcommand and utility functions.	Package auth manages the credentials subcommand and utility functions.
config Package config manages the all commands related to config.	Package config manages the all commands related to config.
image Package image manages the image analysis subcommands.	Package image manages the image analysis subcommands.
k8sobject Package k8sobject manages the k8s-resource analysis subcommands.	Package k8sobject manages the k8s-resource analysis subcommands.
user Package user manages the user selection commands.	Package user manages the user selection commands.
version Package version manages the all commands related to version.	Package version manages the all commands related to version.
internal Package internal contains miscellaneous functions and objects useful for image scanning.	Package internal contains miscellaneous functions and objects useful for image scanning.
bus Package bus provides access to a singleton instance of an event bus (provided by the calling application).	Package bus provides access to a singleton instance of an event bus (provided by the calling application).
config Package config provides utilities for configuration keys in the configuration files.	Package config provides utilities for configuration keys in the configuration files.
terminalui Package terminalui provides interface for display handlers	Package terminalui provides interface for display handlers
terminalui/component Package component provides all components for formatting the display.	Package component provides all components for formatting the display.
terminalui/component/eventhandler Package eventhandler will provide all functions to handle the events	Package eventhandler will provide all functions to handle the events
terminalui/component/frame Package frame is a simple implementation on switching across cursor on terminal, based on ANSI.	Package frame is a simple implementation on switching across cursor on terminal, based on ANSI.
terminalui/component/progressformatter Package progressformatter is an implementation based on github.com/wagoodman/go-progress/simple	Package progressformatter is an implementation based on github.com/wagoodman/go-progress/simple
terminalui/component/spinner Package spinner is a simple implementation of spinner component	Package spinner is a simple implementation of spinner component
terminalui/dynamicui Package dynamicui provides display handler for dynamic progress bar in the terminal	Package dynamicui provides display handler for dynamic progress bar in the terminal
terminalui/plainui Package plainui provides display handler for generic terminal	Package plainui provides display handler for generic terminal
util Package util will save all the util for cli.	Package util will save all the util for cli.
util/colorizer Package colorizer provides utilities for showing results data.	Package colorizer provides utilities for showing results data.
util/httptool Package httptool provides utilities for http request	Package httptool provides utilities for http request
util/memorytool Package memorytool contains tools for analyzing memory usage.	Package memorytool contains tools for analyzing memory usage.
util/printtool Package printtool contains all tools used for formatting strings	Package printtool contains all tools used for formatting strings
util/tabletool Package tabletool will manage table utils like generating a table	Package tabletool will manage table utils like generating a table
version Package version contains all metadata for cli.	Package version contains all metadata for cli.
pkg
cberr Package cberr contains all types/interfaces related to customized errors for cli.	Package cberr contains all types/interfaces related to customized errors for cli.
model Package model will save all the model files for presenter & scan & etc.	Package model will save all the model files for presenter & scan & etc.
model/bom Package bom defines the bom struct of syft output Modify based on github.com/anchore/syft/internal/presenter/packages	Package bom defines the bom struct of syft output Modify based on github.com/anchore/syft/internal/presenter/packages
model/image Package image provides models used in the scan commend	Package image provides models used in the scan commend
model/layers
model/resource Package resource provides models used in the k8s-object commend	Package resource provides models used in the k8s-object commend
presenter Package presenter provides utilities for showing results to the user in different format.	Package presenter provides utilities for showing results to the user in different format.
presenter/cyclondx Package cyclondx provides utilities for showing results in cyclondx format	Package cyclondx provides utilities for showing results in cyclondx format
presenter/json Package json provides utilities for showing results in json format	Package json provides utilities for showing results in json format
presenter/table Package table provides utilities for showing results in table format	Package table provides utilities for showing results in table format
scan Package scan manages the scan process to image scanning service	Package scan manages the scan process to image scanning service
validate Package validate manages the validate commands logics	Package validate manages the validate commands logics
test
images/files_and_layers/source/_app