This tool allows easy communication with the FOSSLIGHT Hub server.
It can be utilized for various purposes such as project creation, modification, export Bill of Materials (bom), scanning and upload scan result files.
Python 3.8+
$ pip3 install fosslight_cli
To execute the fosslight-cli command in the terminal, use the following syntax:
$ fosslight-cli [command] [resource name] ([sub-resource name]) [parameters ...]
- command: Specifies the action to be performed.
- create
- update
- get
- export
- apply
- compare
- resource name: Specifies the resource name.
- project
- selfCheck
- config
- code
- partner
- oss
- license
- vulnerability
- maxVulnerability
- yaml
- sub-resource name: Some commands require specifying a sub-resource name.
-
ex.
$ fosslight-cli get project list $ fosslight-cli update project bin $ fosslight-cli get project models
-
- parameters: List of input parameters. Mandatory and optional parameters can be provided.
Command | Syntax | Description |
---|---|---|
create | Create a resource | |
fosslight-cli create project --prjName TEXT Name of the Project [required] --osType TEXT OS type of the Project [required] --distributionType TEXT [required] --networkServerType TEXT [required] --priority TEXT [required] --osTypeEtc TEXT --prjVersion TEXT --publicYn TEXT --comment TEXT --userComment TEXT --watcherEmailList TEXT --modelListToUpdate TEXT --modelReportFile TEXT |
Create a project | |
fosslight-cli create selfCheck --prjName TEXT Name of the Project [required] --prjVersion TEXT Version of the Project |
Create a self-check | |
update | Modify a resource | |
fosslight-cli update project watchers --prjId TEXT project id [required] --emailList TEXT watcher emailList [required] |
Update project watchers | |
fosslight-cli update project models --prjId TEXT project id [required] --modelListToUpdate TEXT [required] |
Update project model list | |
fosslight-cli update project modelFile --prjId TEXT project id [required] --modelReport TEXT [required] |
Update project model list using a model file | |
fosslight-cli update project scan --prjId TEXT project id [required] --dir TEXT project directory path [required] |
Analyze the project directory using FOSSLIGHT scanner and upload bin, src files | |
fosslight-cli update project bin --prjId TEXT project id [required] --ossReport TEXT --binaryTxt TEXT --comment TEXT --resetFlag TEXT |
Upload bin files for the project | |
fosslight-cli update project src --prjId TEXT project id [required] --ossReport TEXT --comment TEXT --resetFlag TEXT |
Upload src files for the project | |
fosslight-cli update project package --prjId TEXT project id [required] --packageFile TEXT [required] --verifyFlag TEXT |
Upload package files for the project | |
fosslight-cli update selfCheck report --selfCheckId TEXT selfCheck id [required] --ossReport TEXT --resetFlag TEXT |
Upload self-check report files | |
fosslight-cli update selfCheck watchers --selfCheckId TEXT selfCheck id [required] --emailList TEXT [required] |
Update self-check watchers | |
fosslight-cli update partner watchers --partnerId TEXT partner id [required] --emailList TEXT [required] |
Update partner watchers | |
fosslight-cli update config -s, --server TEXT Server url -t, --token TEXT Account token |
Update server and authentication token settings | |
get | Retrieve a resource | |
fosslight-cli get project list --createDate TEXT --creator TEXT --division TEXT --modelName TEXT --prjIdList TEXT --status TEXT --updateDate TEXT |
Get project list | |
fosslight-cli get project models --prjIdList TEXT |
Get license list | |
fosslight-cli get license list --licenseName TEXT license name [required] |
Get license list | |
fosslight-cli get oss list --ossName TEXT oss name [required] --ossVersion TEXT oss version --downloadLocation TEXT download location |
Get oss list | |
fosslight-cli get partner list --createDate TEXT --creator TEXT --division TEXT --partnerIdList TEXT --status TEXT --updateDate TEXT |
Get 3rd party list | |
fosslight-cli get config | Get configured server and authentication token | |
fosslight-cli get code --codeType TEXT code type [required] --detailValue TEXT detail value |
Get code information | |
fosslight-cli get maxVulnerability --ossName TEXT oss name [required] --ossVersion TEXT oss version |
Get max vulnerability | |
fosslight-cli get vulnerability --cveId TEXT cve id --ossName TEXT oss name --ossVersion TEXT oss version |
Get vulnerability info | |
fosslight-cli get selfCheck --id TEXT selfCheck id |
Get self-check detail info | |
export | Export resources (usually a file) | |
fosslight-cli export project bom --prjId TEXT project id [required] --mergeSaveFlag TEXT mergeSaveFlag -o, --output TEXT output file path |
Download project bom file | |
fosslight-cli export project bomJson --prjId TEXT project id [required] |
Download project bom information as JSON | |
fosslight-cli export project notice --prjId TEXT project id [required] -o, --output TEXT output file path |
Download project notice file | |
fosslight-cli export selfCheck --selfCheckId TEXT selfCheck id [required] |
self-check export | |
compare | Compare resources | |
fosslight-cli compare project bom --prjId TEXT [required] --compareId TEXT [required] |
Compare the boms of two projects | |
apply | Execute actions defined in a file | |
fosslight-cli apply yaml -f, --file TEXT yaml file path [required] |
Perform actions defined in a YAML file |
Functionality to perform actions defined in a file all at once.
Actions are distinguished based on the kind value.
Example:
-
fosslight-cli apply yaml -f create_project.yaml
# create_project.yaml kind: createProject parameters: prjName: test-project prjVersion: 1 osType: Linux distributionType: "General Model" networkServerType: N priority: P1 update: models: modelListToUpdate: "ASDF|AV/Car/Security > AV|20201010" scan: dir: "~/data/simpleProject"
- Create a project, update model information, and upload the results of scanning the project directory.
-
Update server url and token settings
$ fosslight-cli update config --server http://127.0.0.1:8180 --token xxxx
-
Get configured server and token
$ fosslight-cli get config
-
Create a project
$fosslight-cli create project \ --prjName test_project \ --osType Linux \ --distributionType 'General Model' \ --networkServerType N \ --priority P1
*For code values like osType, you can input numeric codes such as 100, or display values like Linux (case insensitive).
-
Input models
$fosslight-cli update project models \ --prjId 1 \ --modelListToUpdate "ASDF|AV/Car/Security > AV|20201010"
-
Upload bin files
$fosslight-cli update project bin \ --prjId 1 \ --binaryTxt /path/to/file/fosslight_binary_bin_231214_1020.txt \ --ossReport /path/to/file/fosslight_report_231219_prj-10.xlsx
-
Run Scanner & Upload results
$fosslight-cli update project scan --prjId 1 --dir /path/to/project/
-
Retrieve project list
$fosslight-cli get project list