From 6d7a2ec1c8555cb89116647c65507027ebe115c0 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Thu, 23 Apr 2026 09:15:23 +0000 Subject: [PATCH] docs: update CLI and helm reference for v2.17.1 --- .../kosli_assert_pullrequest_github.md | 2 +- client_reference/kosli_attest_artifact.md | 15 +++++++++------ client_reference/kosli_attest_custom.md | 11 +++++++---- client_reference/kosli_attest_generic.md | 11 +++++++---- client_reference/kosli_attest_jira.md | 11 +++++++---- client_reference/kosli_attest_junit.md | 11 +++++++---- .../kosli_attest_pullrequest_azure.md | 8 ++++---- .../kosli_attest_pullrequest_bitbucket.md | 8 ++++---- .../kosli_attest_pullrequest_github.md | 8 ++++---- .../kosli_attest_pullrequest_gitlab.md | 8 ++++---- client_reference/kosli_attest_snyk.md | 11 +++++++---- client_reference/kosli_attest_sonar.md | 8 ++++---- client_reference/kosli_begin_trail.md | 13 ++++++++----- client_reference/overview.md | 2 +- 14 files changed, 74 insertions(+), 53 deletions(-) diff --git a/client_reference/kosli_assert_pullrequest_github.md b/client_reference/kosli_assert_pullrequest_github.md index 94446c9..c548009 100644 --- a/client_reference/kosli_assert_pullrequest_github.md +++ b/client_reference/kosli_assert_pullrequest_github.md @@ -12,7 +12,7 @@ kosli assert pullrequest github [flags] ``` Assert a Github pull request for a git commit exists. -The command exits with non-zero exit code +The command exits with non-zero exit code if no pull requests were found for the commit. ## Flags diff --git a/client_reference/kosli_attest_artifact.md b/client_reference/kosli_attest_artifact.md index d51c792..f52bb03 100644 --- a/client_reference/kosli_attest_artifact.md +++ b/client_reference/kosli_attest_artifact.md @@ -22,8 +22,11 @@ images in registries or "docker" for local docker images. To specify paths in a directory artifact that should always be excluded from the SHA256 calculation, you can add a `.kosli_ignore` file to the root of the artifact. Each line should specify a relative path or path glob to be ignored. You can include comments in this file, using `#`. The `.kosli_ignore` will be treated as part of the artifact like any other file, unless it is explicitly ignored itself. -This command requires access to a git repo to associate the artifact to the git commit it is originating from. -You can optionally redact some of the git commit data sent to Kosli using `--redact-commit-info` +This command requires access to a git repo to associate the artifact to the git commit it is originating from. +You can optionally redact some of the git commit data sent to Kosli using `--redact-commit-info`. +To record repository information, all three of `--repo-id`, `--repo-url`, and `--repository` must be set together. +These are automatically set in GitHub Actions, GitLab CI, Bitbucket Pipelines, and Azure DevOps. +In other CI systems, set them explicitly to capture repository metadata. ## Flags | Flag | Description | @@ -45,11 +48,11 @@ You can optionally redact some of the git commit data sent to Kosli using `--red | --redact-commit-info strings | [optional] The list of commit info to be redacted before sending to Kosli. Allowed values are one or more of [author, message, branch]. | | --registry-password string | [conditional] The container registry password or access token. Only required if you want to read container image SHA256 digest from a remote container registry. | | --registry-username string | [conditional] The container registry username. Only required if you want to read container image SHA256 digest from a remote container registry. | -| --repo-id string | [optional] The unique identifier of the repository. (defaulted in some CIs: [docs](/ci-defaults) ). | -| --repo-provider string | [optional] The source code hosting provider. One of: github, gitlab, bitbucket, azure-devops. | +| --repo-id string | [conditional] The stable, unique identifier for the repository in your VCS provider (e.g. a numeric ID). Do not use the repository name as it can change if the repo is renamed. All three of --repo-id, --repo-url and --repository must be set to record repository information (defaulted in some CIs: [docs](/ci-defaults) ). | +| --repo-provider string | [optional] The source code hosting provider. One of: github, gitlab, bitbucket, azure-devops (defaulted in some CIs: [docs](/ci-defaults) ). | | --repo-root string | [defaulted] The directory where the source git repository is available. (default ".") | -| --repo-url string | [optional] The URL of the repository. Must be a valid URL if provided. (defaulted in some CIs: [docs](/ci-defaults) ). | -| --repository string | [optional] The name of a git repo as it is registered in Kosli. e.g kosli-dev/cli | +| --repo-url string | [conditional] The URL of the repository. Must be a valid URL. All three of --repo-id, --repo-url and --repository must be set to record repository information (defaulted in some CIs: [docs](/ci-defaults) ). | +| --repository string | [conditional] The name of the repository (e.g. owner/repo-name). All three of --repo-id, --repo-url and --repository must be set to record repository information (defaulted in some CIs: [docs](/ci-defaults) ). | | -T, --trail string | The Kosli trail name. | diff --git a/client_reference/kosli_attest_custom.md b/client_reference/kosli_attest_custom.md index 1ce7616..a391be8 100644 --- a/client_reference/kosli_attest_custom.md +++ b/client_reference/kosli_attest_custom.md @@ -25,6 +25,9 @@ You can optionally associate the attestation to a git commit using `--commit` (r You can optionally redact some of the git commit data sent to Kosli using `--redact-commit-info`. Note that when the attestation is reported for an artifact that does not yet exist in Kosli, `--commit` is required to facilitate binding the attestation to the right artifact. +To record repository information, all three of `--repo-id`, `--repo-url`, and `--repository` must be set together. +These are automatically set in GitHub Actions, GitLab CI, Bitbucket Pipelines, and Azure DevOps. +In other CI systems, set them explicitly to capture repository metadata. ## Flags | Flag | Description | @@ -47,11 +50,11 @@ binding the attestation to the right artifact. | --redact-commit-info strings | [optional] The list of commit info to be redacted before sending to Kosli. Allowed values are one or more of [author, message, branch]. | | --registry-password string | [conditional] The container registry password or access token. Only required if you want to read container image SHA256 digest from a remote container registry. | | --registry-username string | [conditional] The container registry username. Only required if you want to read container image SHA256 digest from a remote container registry. | -| --repo-id string | [optional] The unique identifier of the repository. (defaulted in some CIs: [docs](/ci-defaults) ). | -| --repo-provider string | [optional] The source code hosting provider. One of: github, gitlab, bitbucket, azure-devops. | +| --repo-id string | [conditional] The stable, unique identifier for the repository in your VCS provider (e.g. a numeric ID). Do not use the repository name as it can change if the repo is renamed. All three of --repo-id, --repo-url and --repository must be set to record repository information (defaulted in some CIs: [docs](/ci-defaults) ). | +| --repo-provider string | [optional] The source code hosting provider. One of: github, gitlab, bitbucket, azure-devops (defaulted in some CIs: [docs](/ci-defaults) ). | | --repo-root string | [defaulted] The directory where the source git repository is available. Only used if --commit is used or defaulted in CI, see [docs](/integrations/ci_cd/#defaulted-kosli-command-flags-from-ci-variables) . (default ".") | -| --repo-url string | [optional] The URL of the repository. Must be a valid URL if provided. (defaulted in some CIs: [docs](/ci-defaults) ). | -| --repository string | [optional] The name of a git repo as it is registered in Kosli. e.g kosli-dev/cli | +| --repo-url string | [conditional] The URL of the repository. Must be a valid URL. All three of --repo-id, --repo-url and --repository must be set to record repository information (defaulted in some CIs: [docs](/ci-defaults) ). | +| --repository string | [conditional] The name of the repository (e.g. owner/repo-name). All three of --repo-id, --repo-url and --repository must be set to record repository information (defaulted in some CIs: [docs](/ci-defaults) ). | | -T, --trail string | The Kosli trail name. | | --type string | The name of the custom attestation type. | | -u, --user-data string | [optional] The path to a JSON file containing additional data you would like to attach to the attestation. | diff --git a/client_reference/kosli_attest_generic.md b/client_reference/kosli_attest_generic.md index 9b34c29..a6ddd32 100644 --- a/client_reference/kosli_attest_generic.md +++ b/client_reference/kosli_attest_generic.md @@ -22,6 +22,9 @@ You can optionally associate the attestation to a git commit using `--commit` (r You can optionally redact some of the git commit data sent to Kosli using `--redact-commit-info`. Note that when the attestation is reported for an artifact that does not yet exist in Kosli, `--commit` is required to facilitate binding the attestation to the right artifact. +To record repository information, all three of `--repo-id`, `--repo-url`, and `--repository` must be set together. +These are automatically set in GitHub Actions, GitLab CI, Bitbucket Pipelines, and Azure DevOps. +In other CI systems, set them explicitly to capture repository metadata. ## Flags | Flag | Description | @@ -44,11 +47,11 @@ binding the attestation to the right artifact. | --redact-commit-info strings | [optional] The list of commit info to be redacted before sending to Kosli. Allowed values are one or more of [author, message, branch]. | | --registry-password string | [conditional] The container registry password or access token. Only required if you want to read container image SHA256 digest from a remote container registry. | | --registry-username string | [conditional] The container registry username. Only required if you want to read container image SHA256 digest from a remote container registry. | -| --repo-id string | [optional] The unique identifier of the repository. (defaulted in some CIs: [docs](/ci-defaults) ). | -| --repo-provider string | [optional] The source code hosting provider. One of: github, gitlab, bitbucket, azure-devops. | +| --repo-id string | [conditional] The stable, unique identifier for the repository in your VCS provider (e.g. a numeric ID). Do not use the repository name as it can change if the repo is renamed. All three of --repo-id, --repo-url and --repository must be set to record repository information (defaulted in some CIs: [docs](/ci-defaults) ). | +| --repo-provider string | [optional] The source code hosting provider. One of: github, gitlab, bitbucket, azure-devops (defaulted in some CIs: [docs](/ci-defaults) ). | | --repo-root string | [defaulted] The directory where the source git repository is available. Only used if --commit is used or defaulted in CI, see [docs](/integrations/ci_cd/#defaulted-kosli-command-flags-from-ci-variables) . (default ".") | -| --repo-url string | [optional] The URL of the repository. Must be a valid URL if provided. (defaulted in some CIs: [docs](/ci-defaults) ). | -| --repository string | [optional] The name of a git repo as it is registered in Kosli. e.g kosli-dev/cli | +| --repo-url string | [conditional] The URL of the repository. Must be a valid URL. All three of --repo-id, --repo-url and --repository must be set to record repository information (defaulted in some CIs: [docs](/ci-defaults) ). | +| --repository string | [conditional] The name of the repository (e.g. owner/repo-name). All three of --repo-id, --repo-url and --repository must be set to record repository information (defaulted in some CIs: [docs](/ci-defaults) ). | | -T, --trail string | The Kosli trail name. | | -u, --user-data string | [optional] The path to a JSON file containing additional data you would like to attach to the attestation. | diff --git a/client_reference/kosli_attest_jira.md b/client_reference/kosli_attest_jira.md index 6d00f78..ac20b58 100644 --- a/client_reference/kosli_attest_jira.md +++ b/client_reference/kosli_attest_jira.md @@ -43,6 +43,9 @@ You can optionally associate the attestation to a git commit using `--commit` (r You can optionally redact some of the git commit data sent to Kosli using `--redact-commit-info`. Note that when the attestation is reported for an artifact that does not yet exist in Kosli, `--commit` is required to facilitate binding the attestation to the right artifact. +To record repository information, all three of `--repo-id`, `--repo-url`, and `--repository` must be set together. +These are automatically set in GitHub Actions, GitLab CI, Bitbucket Pipelines, and Azure DevOps. +In other CI systems, set them explicitly to capture repository metadata. ## Flags | Flag | Description | @@ -73,11 +76,11 @@ binding the attestation to the right artifact. | --redact-commit-info strings | [optional] The list of commit info to be redacted before sending to Kosli. Allowed values are one or more of [author, message, branch]. | | --registry-password string | [conditional] The container registry password or access token. Only required if you want to read container image SHA256 digest from a remote container registry. | | --registry-username string | [conditional] The container registry username. Only required if you want to read container image SHA256 digest from a remote container registry. | -| --repo-id string | [optional] The unique identifier of the repository. (defaulted in some CIs: [docs](/ci-defaults) ). | -| --repo-provider string | [optional] The source code hosting provider. One of: github, gitlab, bitbucket, azure-devops. | +| --repo-id string | [conditional] The stable, unique identifier for the repository in your VCS provider (e.g. a numeric ID). Do not use the repository name as it can change if the repo is renamed. All three of --repo-id, --repo-url and --repository must be set to record repository information (defaulted in some CIs: [docs](/ci-defaults) ). | +| --repo-provider string | [optional] The source code hosting provider. One of: github, gitlab, bitbucket, azure-devops (defaulted in some CIs: [docs](/ci-defaults) ). | | --repo-root string | [defaulted] The directory where the source git repository is available. Only used if --commit is used or defaulted in CI, see [docs](/integrations/ci_cd/#defaulted-kosli-command-flags-from-ci-variables) . (default ".") | -| --repo-url string | [optional] The URL of the repository. Must be a valid URL if provided. (defaulted in some CIs: [docs](/ci-defaults) ). | -| --repository string | [optional] The name of a git repo as it is registered in Kosli. e.g kosli-dev/cli | +| --repo-url string | [conditional] The URL of the repository. Must be a valid URL. All three of --repo-id, --repo-url and --repository must be set to record repository information (defaulted in some CIs: [docs](/ci-defaults) ). | +| --repository string | [conditional] The name of the repository (e.g. owner/repo-name). All three of --repo-id, --repo-url and --repository must be set to record repository information (defaulted in some CIs: [docs](/ci-defaults) ). | | -T, --trail string | The Kosli trail name. | | -u, --user-data string | [optional] The path to a JSON file containing additional data you would like to attach to the attestation. | diff --git a/client_reference/kosli_attest_junit.md b/client_reference/kosli_attest_junit.md index a332f94..879e207 100644 --- a/client_reference/kosli_attest_junit.md +++ b/client_reference/kosli_attest_junit.md @@ -26,6 +26,9 @@ You can optionally associate the attestation to a git commit using `--commit` (r You can optionally redact some of the git commit data sent to Kosli using `--redact-commit-info`. Note that when the attestation is reported for an artifact that does not yet exist in Kosli, `--commit` is required to facilitate binding the attestation to the right artifact. +To record repository information, all three of `--repo-id`, `--repo-url`, and `--repository` must be set together. +These are automatically set in GitHub Actions, GitLab CI, Bitbucket Pipelines, and Azure DevOps. +In other CI systems, set them explicitly to capture repository metadata. ## Flags | Flag | Description | @@ -47,11 +50,11 @@ binding the attestation to the right artifact. | --redact-commit-info strings | [optional] The list of commit info to be redacted before sending to Kosli. Allowed values are one or more of [author, message, branch]. | | --registry-password string | [conditional] The container registry password or access token. Only required if you want to read container image SHA256 digest from a remote container registry. | | --registry-username string | [conditional] The container registry username. Only required if you want to read container image SHA256 digest from a remote container registry. | -| --repo-id string | [optional] The unique identifier of the repository. (defaulted in some CIs: [docs](/ci-defaults) ). | -| --repo-provider string | [optional] The source code hosting provider. One of: github, gitlab, bitbucket, azure-devops. | +| --repo-id string | [conditional] The stable, unique identifier for the repository in your VCS provider (e.g. a numeric ID). Do not use the repository name as it can change if the repo is renamed. All three of --repo-id, --repo-url and --repository must be set to record repository information (defaulted in some CIs: [docs](/ci-defaults) ). | +| --repo-provider string | [optional] The source code hosting provider. One of: github, gitlab, bitbucket, azure-devops (defaulted in some CIs: [docs](/ci-defaults) ). | | --repo-root string | [defaulted] The directory where the source git repository is available. Only used if --commit is used or defaulted in CI, see [docs](/integrations/ci_cd/#defaulted-kosli-command-flags-from-ci-variables) . (default ".") | -| --repo-url string | [optional] The URL of the repository. Must be a valid URL if provided. (defaulted in some CIs: [docs](/ci-defaults) ). | -| --repository string | [optional] The name of a git repo as it is registered in Kosli. e.g kosli-dev/cli | +| --repo-url string | [conditional] The URL of the repository. Must be a valid URL. All three of --repo-id, --repo-url and --repository must be set to record repository information (defaulted in some CIs: [docs](/ci-defaults) ). | +| --repository string | [conditional] The name of the repository (e.g. owner/repo-name). All three of --repo-id, --repo-url and --repository must be set to record repository information (defaulted in some CIs: [docs](/ci-defaults) ). | | -R, --results-dir string | [defaulted] The path to a directory with JUnit test results. By default, the directory will be uploaded to Kosli's evidence vault. (default ".") | | -T, --trail string | The Kosli trail name. | | --upload-results | [defaulted] Whether to upload the provided Junit results directory as an attachment to Kosli or not. (default true) | diff --git a/client_reference/kosli_attest_pullrequest_azure.md b/client_reference/kosli_attest_pullrequest_azure.md index 62adb34..9d4c761 100644 --- a/client_reference/kosli_attest_pullrequest_azure.md +++ b/client_reference/kosli_attest_pullrequest_azure.md @@ -44,11 +44,11 @@ The attestation can be bound to an *artifact* in two ways: | --redact-commit-info strings | [optional] The list of commit info to be redacted before sending to Kosli. Allowed values are one or more of [author, message, branch]. | | --registry-password string | [conditional] The container registry password or access token. Only required if you want to read container image SHA256 digest from a remote container registry. | | --registry-username string | [conditional] The container registry username. Only required if you want to read container image SHA256 digest from a remote container registry. | -| --repo-id string | [optional] The unique identifier of the repository. (defaulted in some CIs: [docs](/ci-defaults) ). | -| --repo-provider string | [optional] The source code hosting provider. One of: github, gitlab, bitbucket, azure-devops. | +| --repo-id string | [conditional] The stable, unique identifier for the repository in your VCS provider (e.g. a numeric ID). Do not use the repository name as it can change if the repo is renamed. All three of --repo-id, --repo-url and --repository must be set to record repository information (defaulted in some CIs: [docs](/ci-defaults) ). | +| --repo-provider string | [optional] The source code hosting provider. One of: github, gitlab, bitbucket, azure-devops (defaulted in some CIs: [docs](/ci-defaults) ). | | --repo-root string | [defaulted] The directory where the source git repository is available. Only used if --commit is used or defaulted in CI, see [docs](/integrations/ci_cd/#defaulted-kosli-command-flags-from-ci-variables) . (default ".") | -| --repo-url string | [optional] The URL of the repository. Must be a valid URL if provided. (defaulted in some CIs: [docs](/ci-defaults) ). | -| --repository string | [optional] The name of a git repo as it is registered in Kosli. e.g kosli-dev/cli | +| --repo-url string | [conditional] The URL of the repository. Must be a valid URL. All three of --repo-id, --repo-url and --repository must be set to record repository information (defaulted in some CIs: [docs](/ci-defaults) ). | +| --repository string | [conditional] The name of the repository (e.g. owner/repo-name). All three of --repo-id, --repo-url and --repository must be set to record repository information (defaulted in some CIs: [docs](/ci-defaults) ). | | -T, --trail string | The Kosli trail name. | | -u, --user-data string | [optional] The path to a JSON file containing additional data you would like to attach to the attestation. | diff --git a/client_reference/kosli_attest_pullrequest_bitbucket.md b/client_reference/kosli_attest_pullrequest_bitbucket.md index 445d0f6..e7d4b2d 100644 --- a/client_reference/kosli_attest_pullrequest_bitbucket.md +++ b/client_reference/kosli_attest_pullrequest_bitbucket.md @@ -46,11 +46,11 @@ The attestation can be bound to an *artifact* in two ways: | --redact-commit-info strings | [optional] The list of commit info to be redacted before sending to Kosli. Allowed values are one or more of [author, message, branch]. | | --registry-password string | [conditional] The container registry password or access token. Only required if you want to read container image SHA256 digest from a remote container registry. | | --registry-username string | [conditional] The container registry username. Only required if you want to read container image SHA256 digest from a remote container registry. | -| --repo-id string | [optional] The unique identifier of the repository. (defaulted in some CIs: [docs](/ci-defaults) ). | -| --repo-provider string | [optional] The source code hosting provider. One of: github, gitlab, bitbucket, azure-devops. | +| --repo-id string | [conditional] The stable, unique identifier for the repository in your VCS provider (e.g. a numeric ID). Do not use the repository name as it can change if the repo is renamed. All three of --repo-id, --repo-url and --repository must be set to record repository information (defaulted in some CIs: [docs](/ci-defaults) ). | +| --repo-provider string | [optional] The source code hosting provider. One of: github, gitlab, bitbucket, azure-devops (defaulted in some CIs: [docs](/ci-defaults) ). | | --repo-root string | [defaulted] The directory where the source git repository is available. Only used if --commit is used or defaulted in CI, see [docs](/integrations/ci_cd/#defaulted-kosli-command-flags-from-ci-variables) . (default ".") | -| --repo-url string | [optional] The URL of the repository. Must be a valid URL if provided. (defaulted in some CIs: [docs](/ci-defaults) ). | -| --repository string | [optional] The name of a git repo as it is registered in Kosli. e.g kosli-dev/cli | +| --repo-url string | [conditional] The URL of the repository. Must be a valid URL. All three of --repo-id, --repo-url and --repository must be set to record repository information (defaulted in some CIs: [docs](/ci-defaults) ). | +| --repository string | [conditional] The name of the repository (e.g. owner/repo-name). All three of --repo-id, --repo-url and --repository must be set to record repository information (defaulted in some CIs: [docs](/ci-defaults) ). | | -T, --trail string | The Kosli trail name. | | -u, --user-data string | [optional] The path to a JSON file containing additional data you would like to attach to the attestation. | diff --git a/client_reference/kosli_attest_pullrequest_github.md b/client_reference/kosli_attest_pullrequest_github.md index 3576e49..32a254c 100644 --- a/client_reference/kosli_attest_pullrequest_github.md +++ b/client_reference/kosli_attest_pullrequest_github.md @@ -44,11 +44,11 @@ The attestation can be bound to an *artifact* in two ways: | --redact-commit-info strings | [optional] The list of commit info to be redacted before sending to Kosli. Allowed values are one or more of [author, message, branch]. | | --registry-password string | [conditional] The container registry password or access token. Only required if you want to read container image SHA256 digest from a remote container registry. | | --registry-username string | [conditional] The container registry username. Only required if you want to read container image SHA256 digest from a remote container registry. | -| --repo-id string | [optional] The unique identifier of the repository. (defaulted in some CIs: [docs](/ci-defaults) ). | -| --repo-provider string | [optional] The source code hosting provider. One of: github, gitlab, bitbucket, azure-devops. | +| --repo-id string | [conditional] The stable, unique identifier for the repository in your VCS provider (e.g. a numeric ID). Do not use the repository name as it can change if the repo is renamed. All three of --repo-id, --repo-url and --repository must be set to record repository information (defaulted in some CIs: [docs](/ci-defaults) ). | +| --repo-provider string | [optional] The source code hosting provider. One of: github, gitlab, bitbucket, azure-devops (defaulted in some CIs: [docs](/ci-defaults) ). | | --repo-root string | [defaulted] The directory where the source git repository is available. Only used if --commit is used or defaulted in CI, see [docs](/integrations/ci_cd/#defaulted-kosli-command-flags-from-ci-variables) . (default ".") | -| --repo-url string | [optional] The URL of the repository. Must be a valid URL if provided. (defaulted in some CIs: [docs](/ci-defaults) ). | -| --repository string | [optional] The name of a git repo as it is registered in Kosli. e.g kosli-dev/cli | +| --repo-url string | [conditional] The URL of the repository. Must be a valid URL. All three of --repo-id, --repo-url and --repository must be set to record repository information (defaulted in some CIs: [docs](/ci-defaults) ). | +| --repository string | [conditional] The name of the repository (e.g. owner/repo-name). All three of --repo-id, --repo-url and --repository must be set to record repository information (defaulted in some CIs: [docs](/ci-defaults) ). | | -T, --trail string | The Kosli trail name. | | -u, --user-data string | [optional] The path to a JSON file containing additional data you would like to attach to the attestation. | diff --git a/client_reference/kosli_attest_pullrequest_gitlab.md b/client_reference/kosli_attest_pullrequest_gitlab.md index 63ab846..0fa0556 100644 --- a/client_reference/kosli_attest_pullrequest_gitlab.md +++ b/client_reference/kosli_attest_pullrequest_gitlab.md @@ -44,11 +44,11 @@ The attestation can be bound to an *artifact* in two ways: | --redact-commit-info strings | [optional] The list of commit info to be redacted before sending to Kosli. Allowed values are one or more of [author, message, branch]. | | --registry-password string | [conditional] The container registry password or access token. Only required if you want to read container image SHA256 digest from a remote container registry. | | --registry-username string | [conditional] The container registry username. Only required if you want to read container image SHA256 digest from a remote container registry. | -| --repo-id string | [optional] The unique identifier of the repository. (defaulted in some CIs: [docs](/ci-defaults) ). | -| --repo-provider string | [optional] The source code hosting provider. One of: github, gitlab, bitbucket, azure-devops. | +| --repo-id string | [conditional] The stable, unique identifier for the repository in your VCS provider (e.g. a numeric ID). Do not use the repository name as it can change if the repo is renamed. All three of --repo-id, --repo-url and --repository must be set to record repository information (defaulted in some CIs: [docs](/ci-defaults) ). | +| --repo-provider string | [optional] The source code hosting provider. One of: github, gitlab, bitbucket, azure-devops (defaulted in some CIs: [docs](/ci-defaults) ). | | --repo-root string | [defaulted] The directory where the source git repository is available. Only used if --commit is used or defaulted in CI, see [docs](/integrations/ci_cd/#defaulted-kosli-command-flags-from-ci-variables) . (default ".") | -| --repo-url string | [optional] The URL of the repository. Must be a valid URL if provided. (defaulted in some CIs: [docs](/ci-defaults) ). | -| --repository string | [optional] The name of a git repo as it is registered in Kosli. e.g kosli-dev/cli | +| --repo-url string | [conditional] The URL of the repository. Must be a valid URL. All three of --repo-id, --repo-url and --repository must be set to record repository information (defaulted in some CIs: [docs](/ci-defaults) ). | +| --repository string | [conditional] The name of the repository (e.g. owner/repo-name). All three of --repo-id, --repo-url and --repository must be set to record repository information (defaulted in some CIs: [docs](/ci-defaults) ). | | -T, --trail string | The Kosli trail name. | | -u, --user-data string | [optional] The path to a JSON file containing additional data you would like to attach to the attestation. | diff --git a/client_reference/kosli_attest_snyk.md b/client_reference/kosli_attest_snyk.md index 5be0fcb..c7e2f36 100644 --- a/client_reference/kosli_attest_snyk.md +++ b/client_reference/kosli_attest_snyk.md @@ -30,6 +30,9 @@ You can optionally associate the attestation to a git commit using `--commit` (r You can optionally redact some of the git commit data sent to Kosli using `--redact-commit-info`. Note that when the attestation is reported for an artifact that does not yet exist in Kosli, `--commit` is required to facilitate binding the attestation to the right artifact. +To record repository information, all three of `--repo-id`, `--repo-url`, and `--repository` must be set together. +These are automatically set in GitHub Actions, GitLab CI, Bitbucket Pipelines, and Azure DevOps. +In other CI systems, set them explicitly to capture repository metadata. ## Flags | Flag | Description | @@ -51,11 +54,11 @@ binding the attestation to the right artifact. | --redact-commit-info strings | [optional] The list of commit info to be redacted before sending to Kosli. Allowed values are one or more of [author, message, branch]. | | --registry-password string | [conditional] The container registry password or access token. Only required if you want to read container image SHA256 digest from a remote container registry. | | --registry-username string | [conditional] The container registry username. Only required if you want to read container image SHA256 digest from a remote container registry. | -| --repo-id string | [optional] The unique identifier of the repository. (defaulted in some CIs: [docs](/ci-defaults) ). | -| --repo-provider string | [optional] The source code hosting provider. One of: github, gitlab, bitbucket, azure-devops. | +| --repo-id string | [conditional] The stable, unique identifier for the repository in your VCS provider (e.g. a numeric ID). Do not use the repository name as it can change if the repo is renamed. All three of --repo-id, --repo-url and --repository must be set to record repository information (defaulted in some CIs: [docs](/ci-defaults) ). | +| --repo-provider string | [optional] The source code hosting provider. One of: github, gitlab, bitbucket, azure-devops (defaulted in some CIs: [docs](/ci-defaults) ). | | --repo-root string | [defaulted] The directory where the source git repository is available. Only used if --commit is used or defaulted in CI, see [docs](/integrations/ci_cd/#defaulted-kosli-command-flags-from-ci-variables) . (default ".") | -| --repo-url string | [optional] The URL of the repository. Must be a valid URL if provided. (defaulted in some CIs: [docs](/ci-defaults) ). | -| --repository string | [optional] The name of a git repo as it is registered in Kosli. e.g kosli-dev/cli | +| --repo-url string | [conditional] The URL of the repository. Must be a valid URL. All three of --repo-id, --repo-url and --repository must be set to record repository information (defaulted in some CIs: [docs](/ci-defaults) ). | +| --repository string | [conditional] The name of the repository (e.g. owner/repo-name). All three of --repo-id, --repo-url and --repository must be set to record repository information (defaulted in some CIs: [docs](/ci-defaults) ). | | -R, --scan-results string | The path to Snyk scan SARIF results file from 'snyk test' and 'snyk container test'. By default, the Snyk results will be uploaded to Kosli's evidence vault. | | -T, --trail string | The Kosli trail name. | | --upload-results | [defaulted] Whether to upload the provided Snyk results file as an attachment to Kosli or not. (default true) | diff --git a/client_reference/kosli_attest_sonar.md b/client_reference/kosli_attest_sonar.md index cf269b1..42298b9 100644 --- a/client_reference/kosli_attest_sonar.md +++ b/client_reference/kosli_attest_sonar.md @@ -66,11 +66,11 @@ The attestation can be bound to an *artifact* in two ways: | --redact-commit-info strings | [optional] The list of commit info to be redacted before sending to Kosli. Allowed values are one or more of [author, message, branch]. | | --registry-password string | [conditional] The container registry password or access token. Only required if you want to read container image SHA256 digest from a remote container registry. | | --registry-username string | [conditional] The container registry username. Only required if you want to read container image SHA256 digest from a remote container registry. | -| --repo-id string | [optional] The unique identifier of the repository. (defaulted in some CIs: [docs](/ci-defaults) ). | -| --repo-provider string | [optional] The source code hosting provider. One of: github, gitlab, bitbucket, azure-devops. | +| --repo-id string | [conditional] The stable, unique identifier for the repository in your VCS provider (e.g. a numeric ID). Do not use the repository name as it can change if the repo is renamed. All three of --repo-id, --repo-url and --repository must be set to record repository information (defaulted in some CIs: [docs](/ci-defaults) ). | +| --repo-provider string | [optional] The source code hosting provider. One of: github, gitlab, bitbucket, azure-devops (defaulted in some CIs: [docs](/ci-defaults) ). | | --repo-root string | [defaulted] The directory where the source git repository is available. Only used if --commit is used or defaulted in CI, see [docs](/integrations/ci_cd/#defaulted-kosli-command-flags-from-ci-variables) . (default ".") | -| --repo-url string | [optional] The URL of the repository. Must be a valid URL if provided. (defaulted in some CIs: [docs](/ci-defaults) ). | -| --repository string | [optional] The name of a git repo as it is registered in Kosli. e.g kosli-dev/cli | +| --repo-url string | [conditional] The URL of the repository. Must be a valid URL. All three of --repo-id, --repo-url and --repository must be set to record repository information (defaulted in some CIs: [docs](/ci-defaults) ). | +| --repository string | [conditional] The name of the repository (e.g. owner/repo-name). All three of --repo-id, --repo-url and --repository must be set to record repository information (defaulted in some CIs: [docs](/ci-defaults) ). | | --sonar-api-token string | [required] SonarQube API token. | | --sonar-ce-task-url string | [conditional] The URL of the SonarQube CE task. Can be used instead of --sonar-working-dir when the report-task.txt file is not accessible, e.g. due to container isolation in CI/CD pipelines. | | --sonar-project-key string | [conditional] The project key of the SonarQube project. Only required if you want to use the project key/revision/pull-request to get the scan results rather than using Sonar's metadata file. | diff --git a/client_reference/kosli_begin_trail.md b/client_reference/kosli_begin_trail.md index 65c5756..c368cad 100644 --- a/client_reference/kosli_begin_trail.md +++ b/client_reference/kosli_begin_trail.md @@ -13,8 +13,11 @@ kosli begin trail TRAIL-NAME [flags] Begin or update a Kosli flow trail. -You can optionally associate the trail to a git commit using `--commit` (requires access to a git repo). And you +You can optionally associate the trail to a git commit using `--commit` (requires access to a git repo). And you can optionally redact some of the git commit data sent to Kosli using `--redact-commit-info`. +To record repository information, all three of `--repo-id`, `--repo-url`, and `--repository` must be set together. +These are automatically set in GitHub Actions, GitLab CI, Bitbucket Pipelines, and Azure DevOps. +In other CI systems, set them explicitly to capture repository metadata. `TRAIL-NAME`s must start with a letter or number, and only contain letters, numbers, `.`, `-`, `_`, and `~`. @@ -31,11 +34,11 @@ can optionally redact some of the git commit data sent to Kosli using `--redact- | -h, --help | help for trail | | -o, --origin-url string | [optional] The url pointing to where the attestation came from or is related. (defaulted to the CI url in some CIs: [docs](/integrations/ci_cd/#defaulted-kosli-command-flags-from-ci-variables) ). | | --redact-commit-info strings | [optional] The list of commit info to be redacted before sending to Kosli. Allowed values are one or more of [author, message, branch]. | -| --repo-id string | [optional] The unique identifier of the repository. (defaulted in some CIs: [docs](/ci-defaults) ). | -| --repo-provider string | [optional] The source code hosting provider. One of: github, gitlab, bitbucket, azure-devops. | +| --repo-id string | [conditional] The stable, unique identifier for the repository in your VCS provider (e.g. a numeric ID). Do not use the repository name as it can change if the repo is renamed. All three of --repo-id, --repo-url and --repository must be set to record repository information (defaulted in some CIs: [docs](/ci-defaults) ). | +| --repo-provider string | [optional] The source code hosting provider. One of: github, gitlab, bitbucket, azure-devops (defaulted in some CIs: [docs](/ci-defaults) ). | | --repo-root string | [defaulted] The directory where the source git repository is available. Only used if --commit is used or defaulted in CI, see [docs](/integrations/ci_cd/#defaulted-kosli-command-flags-from-ci-variables) . (default ".") | -| --repo-url string | [optional] The URL of the repository. Must be a valid URL if provided. (defaulted in some CIs: [docs](/ci-defaults) ). | -| --repository string | [optional] The name of a git repo as it is registered in Kosli. e.g kosli-dev/cli | +| --repo-url string | [conditional] The URL of the repository. Must be a valid URL. All three of --repo-id, --repo-url and --repository must be set to record repository information (defaulted in some CIs: [docs](/ci-defaults) ). | +| --repository string | [conditional] The name of the repository (e.g. owner/repo-name). All three of --repo-id, --repo-url and --repository must be set to record repository information (defaulted in some CIs: [docs](/ci-defaults) ). | | -f, --template-file string | [optional] The path to a yaml template file. | | -u, --user-data string | [optional] The path to a JSON file containing additional data you would like to attach to the flow trail. | diff --git a/client_reference/overview.md b/client_reference/overview.md index e92a46d..aa25451 100644 --- a/client_reference/overview.md +++ b/client_reference/overview.md @@ -4,7 +4,7 @@ description: "Reference documentation for the Kosli CLI." --- - This reference was generated from Kosli CLI **v2.17.0**. + This reference was generated from Kosli CLI **v2.17.1**. The Kosli CLI allows you to interact with Kosli from your terminal and CI/CD pipelines.