readme update

rusakovichma · May 14, 2022 · 8597076 · 8597076
1 parent 459f056
commit 8597076
Showing 1 changed file with 41 additions and 0 deletions.
diff --git a/README.md b/README.md
@@ -13,6 +13,47 @@ we just waned to get the threats list for our product. Nothing else"
 The idea behind this product is clear - I want to create something simple that would help to solve this difficult problem.
 Ideally, with <em>one click</em> or <em>a command</em> and with a possibility to integrate it into a pipeline if needed. Inspired by <em>dependency-check</em> architecture and simplicity plus taking in mind that <em>developers just love mapping</em> everything in code, I've created <strong>"TicTaaC"</strong>, which means <em>"Threat modeling-as-a-Code in a Tick"</em>
 
+## Usage
+All the tool is needed is a <strong>data flow code file</strong> described in the <em>yml-like format</em> specially designed for this.<br>
+<strong>The examples</strong> of these files with verbose comments describing every aspect may be found [here](https://github.com/rusakovichma/TicTaaC/tree/master/expl). <br>
 
+### Command Line
+More detailed instructions can be found on the
+[github wiki](https://github.com/rusakovichma/TicTaaC/wiki).
+The latest CLI can be downloaded from github in the [releases section](https://github.com/rusakovichma/TicTaaC/releases). <br>
+On *nix
+```
+$ ./bin/tic-taac.sh -h
+$ ./bin/tic-taac.sh --out . --threatModel [path to threat model file]
+```
+On Windows
+```
+> .\bin\tic-taac.bat -h
+> .\bin\tic-taac.bat --out . --threatModel [path to threat model file]
+```
 
+### Docker
+See [TicTaaC Docker Hub repository](https://hub.docker.com/r/rusakovichma/tic-taac).
+```console
+#!/bin/sh
 
+TT_VERSION="latest"
+THREAT_MODEL_DIR=$HOME/threat-model
+
+# Make sure we are using the latest version
+docker pull rusakovichma/tic-taac:$TT_VERSION
+
+docker run --rm \
+    -e user=$USER \
+    -u $(id -u ${USER}):$(id -g ${USER}) \
+    --volume $THREAT_MODEL_DIR:/threat-model:z \
+    --volume $(pwd)/report:/report:z \
+    rusakovichma/tic-taac:$TT_VERSION \
+    --threatModel /threat-model/simpest-threat-model.yml \
+    --outFormat html \
+    --out /report
+    # Set mitigation strategy for the corresponding threats
+    # --mitigations /threat-model/mitigations.yml
+```
+### Jenkins pipeline
+For TicTaaC usage at Jenkins pipeline, see [Jenkinsfile example](https://github.com/rusakovichma/TicTaaC/blob/master/cicd/Jenkinsfile).