Flow CLI is a command line interface tool to interact with AppSec Flow.
The primary goal of the CLI is to be a developer friendly tool which automates different functionalities, letting users interact more easily with the platform.
You can use the CLI locally and also inside your CI/CD to be able to use the following features:
- Perform security scans project (SAST, SCA, IaC, Container)
- Set policies to block the pipeline depending on different criterias
- Send diff versions of your source code application to later be reviewed by your own security team or Conviso's (when subscribed to our professional services license)
To install the CLI some dependecies are required:
- python3 >= 3.4. See python3 download
- pip. See pip guide
- git. See git download
- Docker. See docker download
If you have system admin privileges just execute one of the following commands.
If you haven't system admin privileges execute one of the following commands.
Check if the install command was well succeeded.
The command will print the current version and exit with success. Now we are ready to proceed.
For running the CLI in the CI/CD, please check the menu with all the different tools that we are integrated. If your tool is not there, please contact us to assess it.
This section will guide you to activate the CLI shell completion feature. This is not required to use the tool so you can skip it if you want.
Open your .bashrc file at ~/.bashrc and place the following snippet in the end of file.
Start a new bash shell session and the shell completion will be available.
Open your .zshrc file at ~/.zshrc and place the following snippet in the end of file.
Start a new zsh shell session and the shell completion will be available.
Start a fish shell session and execute the following command.
Start a new fish shell session and the shell completion will be available.