@@ -2703,6 +2703,177 @@ Options inherited from parent commands
27032703-y, --yes Skip confirmation
27042704```
27052705
2706+ ## chainloop policy
2707+
2708+ Craft chainloop policies
2709+
2710+ Options
2711+
2712+ ```
2713+ -h, --help help for policy
2714+ ```
2715+
2716+ Options inherited from parent commands
2717+
2718+ ```
2719+ --artifact-cas string URL for the Artifacts Content Addressable Storage API ($CHAINLOOP_ARTIFACT_CAS_API) (default "api.cas.chainloop.dev:443")
2720+ --artifact-cas-ca string CUSTOM CA file for the Artifacts CAS API (optional) ($CHAINLOOP_ARTIFACT_CAS_API_CA)
2721+ -c, --config string Path to an existing config file (default is $HOME/.config/chainloop/config.toml)
2722+ --control-plane string URL for the Control Plane API ($CHAINLOOP_CONTROL_PLANE_API) (default "api.cp.chainloop.dev:443")
2723+ --control-plane-ca string CUSTOM CA file for the Control Plane API (optional) ($CHAINLOOP_CONTROL_PLANE_API_CA)
2724+ --debug Enable debug/verbose logging mode
2725+ -i, --insecure Skip TLS transport during connection to the control plane ($CHAINLOOP_API_INSECURE)
2726+ -n, --org string organization name
2727+ -o, --output string Output format, valid options are json and table (default "table")
2728+ -t, --token string API token. NOTE: Alternatively use the env variable CHAINLOOP_TOKEN
2729+ -y, --yes Skip confirmation
2730+ ```
2731+
2732+ ### chainloop policy develop
2733+
2734+ Tools for policy development
2735+ Refer to https://docs.chainloop.dev/guides/custom-policies
2736+
2737+ Options
2738+
2739+ ```
2740+ -h, --help help for develop
2741+ ```
2742+
2743+ Options inherited from parent commands
2744+
2745+ ```
2746+ --artifact-cas string URL for the Artifacts Content Addressable Storage API ($CHAINLOOP_ARTIFACT_CAS_API) (default "api.cas.chainloop.dev:443")
2747+ --artifact-cas-ca string CUSTOM CA file for the Artifacts CAS API (optional) ($CHAINLOOP_ARTIFACT_CAS_API_CA)
2748+ -c, --config string Path to an existing config file (default is $HOME/.config/chainloop/config.toml)
2749+ --control-plane string URL for the Control Plane API ($CHAINLOOP_CONTROL_PLANE_API) (default "api.cp.chainloop.dev:443")
2750+ --control-plane-ca string CUSTOM CA file for the Control Plane API (optional) ($CHAINLOOP_CONTROL_PLANE_API_CA)
2751+ --debug Enable debug/verbose logging mode
2752+ -i, --insecure Skip TLS transport during connection to the control plane ($CHAINLOOP_API_INSECURE)
2753+ -n, --org string organization name
2754+ -o, --output string Output format, valid options are json and table (default "table")
2755+ -t, --token string API token. NOTE: Alternatively use the env variable CHAINLOOP_TOKEN
2756+ -y, --yes Skip confirmation
2757+ ```
2758+
2759+ #### chainloop policy develop eval
2760+
2761+ Evaluate policy against provided material
2762+
2763+ Synopsis
2764+
2765+ Perform a full evaluation of the policy against the provided material type.
2766+ The command checks if there is a path in the policy for the specified kind and
2767+ evaluates the policy against the provided material or attestation.
2768+
2769+ ```
2770+ chainloop policy develop eval [flags]
2771+ ```
2772+
2773+ Examples
2774+
2775+ ```
2776+
2777+ Evaluate policy against a material file
2778+ chainloop policy eval --material sbom.json --kind SBOM_CYCLONEDX_JSON --annotations key1=value1,key2=value2
2779+ ```
2780+
2781+ Options
2782+
2783+ ```
2784+ --annotations strings key-value pairs of annotations (key=value)
2785+ -h, --help help for eval
2786+ --kind string kind of the material: ["ARTIFACT" "ATTESTATION" "BLACKDUCK_SCA_JSON" "CHAINLOOP_RUNNER_CONTEXT" "CONTAINER_IMAGE" "CSAF_INFORMATIONAL_ADVISORY" "CSAF_SECURITY_ADVISORY" "CSAF_SECURITY_INCIDENT_RESPONSE" "CSAF_VEX" "EVIDENCE" "GHAS_CODE_SCAN" "GHAS_DEPENDENCY_SCAN" "GHAS_SECRET_SCAN" "GITLAB_SECURITY_REPORT" "HELM_CHART" "JACOCO_XML" "JUNIT_XML" "OPENVEX" "SARIF" "SBOM_CYCLONEDX_JSON" "SBOM_SPDX_JSON" "SLSA_PROVENANCE" "STRING" "TWISTCLI_SCAN_JSON" "ZAP_DAST_ZIP"]
2787+ --material string path to material or attestation file
2788+ --policy string path to custom policy file (defaults to policy.yaml)
2789+ ```
2790+
2791+ Options inherited from parent commands
2792+
2793+ ```
2794+ --artifact-cas string URL for the Artifacts Content Addressable Storage API ($CHAINLOOP_ARTIFACT_CAS_API) (default "api.cas.chainloop.dev:443")
2795+ --artifact-cas-ca string CUSTOM CA file for the Artifacts CAS API (optional) ($CHAINLOOP_ARTIFACT_CAS_API_CA)
2796+ -c, --config string Path to an existing config file (default is $HOME/.config/chainloop/config.toml)
2797+ --control-plane string URL for the Control Plane API ($CHAINLOOP_CONTROL_PLANE_API) (default "api.cp.chainloop.dev:443")
2798+ --control-plane-ca string CUSTOM CA file for the Control Plane API (optional) ($CHAINLOOP_CONTROL_PLANE_API_CA)
2799+ --debug Enable debug/verbose logging mode
2800+ -i, --insecure Skip TLS transport during connection to the control plane ($CHAINLOOP_API_INSECURE)
2801+ -n, --org string organization name
2802+ -o, --output string Output format, valid options are json and table (default "table")
2803+ -t, --token string API token. NOTE: Alternatively use the env variable CHAINLOOP_TOKEN
2804+ -y, --yes Skip confirmation
2805+ ```
2806+
2807+ #### chainloop policy develop help
2808+
2809+ Help about any command
2810+
2811+ Synopsis
2812+
2813+ Help provides help for any command in the application.
2814+ Simply type develop help [ path to command] for full details.
2815+
2816+ ```
2817+ chainloop policy develop help [command] [flags]
2818+ ```
2819+
2820+ Options
2821+
2822+ ```
2823+ -h, --help help for help
2824+ ```
2825+
2826+ Options inherited from parent commands
2827+
2828+ ```
2829+ --artifact-cas string URL for the Artifacts Content Addressable Storage API ($CHAINLOOP_ARTIFACT_CAS_API) (default "api.cas.chainloop.dev:443")
2830+ --artifact-cas-ca string CUSTOM CA file for the Artifacts CAS API (optional) ($CHAINLOOP_ARTIFACT_CAS_API_CA)
2831+ -c, --config string Path to an existing config file (default is $HOME/.config/chainloop/config.toml)
2832+ --control-plane string URL for the Control Plane API ($CHAINLOOP_CONTROL_PLANE_API) (default "api.cp.chainloop.dev:443")
2833+ --control-plane-ca string CUSTOM CA file for the Control Plane API (optional) ($CHAINLOOP_CONTROL_PLANE_API_CA)
2834+ --debug Enable debug/verbose logging mode
2835+ -i, --insecure Skip TLS transport during connection to the control plane ($CHAINLOOP_API_INSECURE)
2836+ -n, --org string organization name
2837+ -o, --output string Output format, valid options are json and table (default "table")
2838+ -t, --token string API token. NOTE: Alternatively use the env variable CHAINLOOP_TOKEN
2839+ -y, --yes Skip confirmation
2840+ ```
2841+
2842+ ### chainloop policy help
2843+
2844+ Help about any command
2845+
2846+ Synopsis
2847+
2848+ Help provides help for any command in the application.
2849+ Simply type policy help [ path to command] for full details.
2850+
2851+ ```
2852+ chainloop policy help [command] [flags]
2853+ ```
2854+
2855+ Options
2856+
2857+ ```
2858+ -h, --help help for help
2859+ ```
2860+
2861+ Options inherited from parent commands
2862+
2863+ ```
2864+ --artifact-cas string URL for the Artifacts Content Addressable Storage API ($CHAINLOOP_ARTIFACT_CAS_API) (default "api.cas.chainloop.dev:443")
2865+ --artifact-cas-ca string CUSTOM CA file for the Artifacts CAS API (optional) ($CHAINLOOP_ARTIFACT_CAS_API_CA)
2866+ -c, --config string Path to an existing config file (default is $HOME/.config/chainloop/config.toml)
2867+ --control-plane string URL for the Control Plane API ($CHAINLOOP_CONTROL_PLANE_API) (default "api.cp.chainloop.dev:443")
2868+ --control-plane-ca string CUSTOM CA file for the Control Plane API (optional) ($CHAINLOOP_CONTROL_PLANE_API_CA)
2869+ --debug Enable debug/verbose logging mode
2870+ -i, --insecure Skip TLS transport during connection to the control plane ($CHAINLOOP_API_INSECURE)
2871+ -n, --org string organization name
2872+ -o, --output string Output format, valid options are json and table (default "table")
2873+ -t, --token string API token. NOTE: Alternatively use the env variable CHAINLOOP_TOKEN
2874+ -y, --yes Skip confirmation
2875+ ```
2876+
27062877## chainloop version
27072878
27082879Command line version
0 commit comments