Synopsis
input.trails (an array), unlike
evaluate trail which passes input.trail (a single object).
Use --attestations to enrich the input with detailed attestation data
(e.g. pull request approvers, scan results). Use --show-input to inspect the
full data structure available to the policy. Use --output json for structured output.
Flags
| Flag | Description |
|---|---|
| —attestations strings | [optional] Limit which attestations are included. Plain name for trail-level, dot-qualified (artifact.name) for artifact-level. |
| -f, —flow string | The Kosli flow name. |
| -h, —help | help for trails |
| -o, —output string | [defaulted] The format of the output. Valid formats are: [table, json]. (default “table”) |
| -p, —policy string | Path to a Rego policy file to evaluate against the trails. |
| —show-input | [optional] Include the policy input data in the output. |
Flags inherited from parent commands
| Flag | Description |
|---|---|
| -a, —api-token string | The Kosli API token. |
| -c, —config-file string | [optional] The Kosli config file path. (default “kosli”) |
| —debug | [optional] Print debug logs to stdout. A boolean flag docs (default false) |
| -H, —host string | [defaulted] The Kosli endpoint. (default “https://app.kosli.com”) |
| —http-proxy string | [optional] The HTTP proxy URL including protocol and port number. e.g. ‘http://proxy-server-ip:proxy-port’ |
| -r, —max-api-retries int | [defaulted] How many times should API calls be retried when the API host is not reachable. (default 3) |
| —org string | The Kosli organization. |
Examples Use Cases
These examples all assume that the flags--api-token, --org, --host, (and --flow, --trail when required), are set/provided.
evaluate multiple trails against a policy
evaluate multiple trails against a policy
evaluate trails with attestation enrichment
evaluate trails with attestation enrichment
evaluate trails with JSON output and show the policy input
evaluate trails with JSON output and show the policy input