Skip to content

Latest commit

 

History

History
190 lines (143 loc) · 26.5 KB

README.md

File metadata and controls

190 lines (143 loc) · 26.5 KB

FOSSLIGHT CLI

This tool allows easy communication with the FOSSLIGHT Hub server.
It can be utilized for various purposes such as project creation, modification, export Bill of Materials (bom), scanning and upload scan result files.

📋 Prerequisite

Python 3.8+

🎉 How to install

$ pip3 install fosslight_cli

How to Run

To execute the fosslight-cli command in the terminal, use the following syntax:

$ fosslight-cli [command] [resource name] ([sub-resource name]) [parameters ...]
  • command: Specifies the action to be performed.
    • create
    • update
    • get
    • export
    • apply
    • compare
  • resource name: Specifies the resource name.
    • project
    • selfCheck
    • config
    • code
    • partner
    • oss
    • license
    • vulnerability
    • maxVulnerability
    • yaml
  • sub-resource name: Some commands require specifying a sub-resource name.
    • ex.

      $ fosslight-cli get project list
      $ fosslight-cli update project bin
      $ fosslight-cli get project models
      
  • parameters: List of input parameters. Mandatory and optional parameters can be provided.

Commands

Command Syntax Description
create Create a resource
fosslight-cli create project
  --prjName TEXT Name of the Project [required]
  --osType TEXT OS type of the Project [required]
  --distributionType TEXT [required]
  --networkServerType TEXT [required]
  --priority TEXT [required]
  --osTypeEtc TEXT
  --prjVersion TEXT
  --publicYn TEXT
  --comment TEXT
  --userComment TEXT
  --watcherEmailList TEXT
  --modelListToUpdate TEXT
  --modelReportFile TEXT
Create a project
fosslight-cli create selfCheck
  --prjName TEXT Name of the Project [required]
  --prjVersion TEXT Version of the Project
Create a self-check
update Modify a resource
fosslight-cli update project watchers
  --prjId TEXT project id [required]
  --emailList TEXT watcher emailList [required]
Update project watchers
fosslight-cli update project models
  --prjId TEXT project id [required]
  --modelListToUpdate TEXT [required]
Update project model list
fosslight-cli update project modelFile
  --prjId TEXT project id [required]
  --modelReport TEXT [required]
Update project model list using a model file
fosslight-cli update project scan
  --prjId TEXT project id [required]
  --dir TEXT project directory path [required]
Analyze the project directory using FOSSLIGHT scanner and upload bin, src files
fosslight-cli update project bin
  --prjId TEXT project id [required]
  --ossReport TEXT
  --binaryTxt TEXT
  --comment TEXT
  --resetFlag TEXT
Upload bin files for the project
fosslight-cli update project src
  --prjId TEXT project id [required]
  --ossReport TEXT
  --comment TEXT
  --resetFlag TEXT
Upload src files for the project
fosslight-cli update project package
  --prjId TEXT project id [required]
  --packageFile TEXT [required]
  --verifyFlag TEXT
Upload package files for the project
fosslight-cli update selfCheck report
  --selfCheckId TEXT selfCheck id [required]
  --ossReport TEXT
  --resetFlag TEXT
Upload self-check report files
fosslight-cli update selfCheck watchers
  --selfCheckId TEXT selfCheck id [required]
  --emailList TEXT [required]
Update self-check watchers
fosslight-cli update partner watchers
  --partnerId TEXT partner id [required]
  --emailList TEXT [required]
Update partner watchers
fosslight-cli update config
  -s, --server TEXT Server url
  -t, --token TEXT Account token
Update server and authentication token settings
get Retrieve a resource
fosslight-cli get project list
  --createDate TEXT
  --creator TEXT
  --division TEXT
  --modelName TEXT
  --prjIdList TEXT
  --status TEXT
  --updateDate TEXT
Get project list
fosslight-cli get project models
  --prjIdList TEXT
Get license list
fosslight-cli get license list
  --licenseName TEXT license name [required]
Get license list
fosslight-cli get oss list
  --ossName TEXT oss name [required]
  --ossVersion TEXT oss version
  --downloadLocation TEXT download location
Get oss list
fosslight-cli get partner list
  --createDate TEXT
  --creator TEXT
  --division TEXT
  --partnerIdList TEXT
  --status TEXT
  --updateDate TEXT
Get 3rd party list
fosslight-cli get config Get configured server and authentication token
fosslight-cli get code
  --codeType TEXT code type [required]
  --detailValue TEXT detail value
Get code information
fosslight-cli get maxVulnerability
  --ossName TEXT oss name [required]
  --ossVersion TEXT oss version
Get max vulnerability
fosslight-cli get vulnerability
  --cveId TEXT cve id
  --ossName TEXT oss name
  --ossVersion TEXT oss version
Get vulnerability info
fosslight-cli get selfCheck
  --id TEXT selfCheck id
Get self-check detail info
export Export resources (usually a file)
fosslight-cli export project bom
  --prjId TEXT project id [required]
  --mergeSaveFlag TEXT mergeSaveFlag
  -o, --output TEXT output file path
Download project bom file
fosslight-cli export project bomJson
  --prjId TEXT project id [required]
Download project bom information as JSON
fosslight-cli export project notice
  --prjId TEXT project id [required]
  -o, --output TEXT output file path
Download project notice file
fosslight-cli export selfCheck
  --selfCheckId TEXT selfCheck id [required]
self-check export
compare Compare resources
fosslight-cli compare project bom
  --prjId TEXT [required]
  --compareId TEXT [required]
Compare the boms of two projects
apply Execute actions defined in a file
fosslight-cli apply yaml
  -f, --file TEXT yaml file path [required]
Perform actions defined in a YAML file

Apply

Functionality to perform actions defined in a file all at once.

Actions are distinguished based on the kind value.

createProject

Example:

  • fosslight-cli apply yaml -f create_project.yaml

    # create_project.yaml
    kind: createProject
    parameters:
      prjName: test-project
      prjVersion: 1
      osType: Linux
      distributionType: "General Model"
      networkServerType: N
      priority: P1
    update:
      models:
        modelListToUpdate: "ASDF|AV/Car/Security > AV|20201010"
    scan:
      dir: "~/data/simpleProject"
    • Create a project, update model information, and upload the results of scanning the project directory.

Examples

Config

  • Update server url and token settings

    $ fosslight-cli update config --server http://127.0.0.1:8180 --token xxxx
    
  • Get configured server and token

    $ fosslight-cli get config
    

Project

  • Create a project

    $fosslight-cli create project \
    	--prjName test_project \
    	--osType Linux \
    	--distributionType 'General Model' \
    	--networkServerType N \
    	--priority P1
    

    *For code values like osType, you can input numeric codes such as 100, or display values like Linux (case insensitive).

  • Input models

    $fosslight-cli update project models \
    	--prjId 1 \
    	--modelListToUpdate "ASDF|AV/Car/Security > AV|20201010"
    
  • Upload bin files

    $fosslight-cli update project bin \
    	--prjId 1 \
    	--binaryTxt /path/to/file/fosslight_binary_bin_231214_1020.txt \
    	--ossReport /path/to/file/fosslight_report_231219_prj-10.xlsx
    
  • Run Scanner & Upload results

    $fosslight-cli update project scan --prjId 1 --dir /path/to/project/
    
  • Retrieve project list

    $fosslight-cli get project list