security-orchestrator

crates.io: security-orchestrator
lib.rs: security-orchestrator
Version: 0.1.6
Source: src
Created at: 2023-01-20 18:56:43.442563
Updated at: 2024-11-06 19:22:17.723865
Description: A CLI tool for Cox Automotive's Security Orchestrator.
ID: 763639
Size: 133,558
Alexander Montgomery (firefox7025)


Security Orchestrator CLI

The Product Security Engineering Team's Security Orchestrator also offers a Command Line Interface (CLI) for teams that have not yet adopted GitHub Actions, are not using Jenkins, or want to test the functionality locally. The CLI tool is installed with Cargo, the Rust package manager.

Quick Start Guide

  1. Install Rust.
  2. To install the CLI, execute the following command: cargo install security-orchestrator
  3. Once the Security Orchestrator has been installed, execute the following command to submit code for scans:
    security-orchestrator --application-name --component-id CI123121 --github-token github_token_example --directory 'file or folder path'
    

Inputs

  • Either:
    • Component ID (Preferred Option): --component-id
    • Application Name: --application-name
  • Token: --github-token
  • Application Code or Artifact: --directory
    • Valid Formats:
      • Directory (of source code)
      • Binary
      • Existing .zip
  • Optional Parameters:
    • --polling: If you pass --polling true, the CLI waits for the scan results to come back. You can cancel the polling at any time with CTRL + C.
    • --scan-id: After you submit a scan, the Security Orchestrator gives you back a Scan ID. Pass it as --scan-id {scan-id} to get the results of that scan. If you pass this parameter, it is the only thing the CLI tool looks at; you must remove it if you want to submit a scan.
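
The input rules above can be enforced in a small wrapper before anything is submitted. This is an added example, not part of the project's README or code; the function name so_submit and the variables SO_GITHUB_TOKEN and SO_BIN are assumptions, and only the flags listed above are used.

```sh
#!/bin/sh
# Added example (not project code). Assumed names: so_submit, SO_GITHUB_TOKEN, SO_BIN.
# Usage: so_submit TARGET [COMPONENT_ID] [APPLICATION_NAME] [POLLING]
so_submit() {
    target=$1 component_id=${2:-} app_name=${3:-} polling=${4:-false}

    # Read the token from the environment so it stays out of shell history
    # and out of scripts. It is still handed to the CLI as an argument,
    # because --github-token is the only token input the README documents.
    if [ -z "${SO_GITHUB_TOKEN:-}" ]; then
        echo "so_submit: SO_GITHUB_TOKEN is not set" >&2
        return 2
    fi

    # --directory accepts a source directory, a binary or an existing .zip,
    # so the target must be an existing directory or regular file.
    if [ ! -d "$target" ] && [ ! -f "$target" ]; then
        echo "so_submit: no such file or directory: $target" >&2
        return 2
    fi

    # Either --component-id (preferred) or --application-name identifies the app.
    if [ -n "$component_id" ]; then
        set -- --component-id "$component_id"
    elif [ -n "$app_name" ]; then
        set -- --application-name "$app_name"
    else
        echo "so_submit: need a component ID or an application name" >&2
        return 2
    fi

    set -- "$@" --github-token "$SO_GITHUB_TOKEN" --directory "$target"
    if [ "$polling" = "true" ]; then
        set -- "$@" --polling true
    fi

    # SO_BIN lets a pipeline pin the full path of the installed binary.
    "${SO_BIN:-security-orchestrator}" "$@"
}
```

In a CI job, SO_GITHUB_TOKEN would come from the pipeline's secret store, and a call such as so_submit ./src CI123121 submits the directory under the component ID.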

Examples

Single File

ZIP
