Synopsis
--artifact-type flag to be set.
Artifact type can be one of: “file” for files, “dir” for directories, “oci” for container
images in registries or “docker” for local docker images.
Fingerprinting container images can be done using the local docker daemon or the fingerprint can be fetched
from a remote registry.
Note: --artifact-type=docker reads the image’s repo digest via the local Docker daemon, so
the image must have been pushed to or pulled from a registry. A freshly built image (just
docker build) does not have a repo digest. For images already in a registry, prefer
--artifact-type=oci to fetch the digest directly from the registry.
When fingerprinting a ‘dir’ artifact, you can exclude certain paths from fingerprint calculation
using the --exclude flag.
Excluded paths are relative to the DIR-PATH and can be literal paths or glob patterns.
With a directory structure like this foo/bar/zam/file.txt if you are calculating the fingerprint of foo/bar you need to
exclude zam/file.txt which is relative to the DIR-PATH.
The supported glob pattern syntax is what is documented here: https://pkg.go.dev/path/filepath#Match ,
plus the ability to use recursive globs ”**”
If the directory structure contains a symbolic link to a file (for example, a link ‘from/this/file’ and a target of ‘to/another/file’) then:
- the name of the link (‘from/this/file’) is included in the fingerprint.
- the name of the link (‘from/this/file’) is subject to
.kosli_ignoreentries. - the name of the target (‘to/another/file’) is not included in the fingerprint.
- the content of target is included in the fingerprint, even if the target is outside the root directory being fingerprinted.
- the name of the link (‘from/this/dir’) is included in the fingerprint.
- the name of the link (‘from/this/dir’) is subject to
.kosli_ignoreentries. - the name of the target (‘to/another/dir’) is included in the fingerprint, even if the target is outside the root directory being fingerprinted.
- the name of the target (‘to/another/dir’) is not subject to
.kosli_ignoreentries. - the content of the target is not included in the fingerprint.
.kosli_ignore file to the root of the artifact.
Each line should specify a relative path or path glob to be ignored. You can include comments in this file, using #.
The .kosli_ignore will be treated as part of the artifact like any other file, unless it is explicitly ignored itself.
Flags
Flags inherited from parent commands
Live Examples in different CI systems
- GitHub
View an example of the
kosli fingerprint command in GitHub.In this YAML fileExamples Use Cases
These examples all assume that the flags--api-token, --org, --host, (and --flow, --trail when required), are set/provided.
fingerprint a file
fingerprint a file
fingerprint a dir
fingerprint a dir
fingerprint a dir while excluding paths `mydir/logs` and `mydir/*.exe`
fingerprint a dir while excluding paths `mydir/logs` and `mydir/*.exe`
fingerprint a dir while excluding all `.pyc` files
fingerprint a dir while excluding all `.pyc` files
fingerprint a dir while excluding paths in `.kosli_ignore` file
fingerprint a dir while excluding paths in `.kosli_ignore` file
fingerprint a locally available docker image (requires docker daemon running)
fingerprint a locally available docker image (requires docker daemon running)
fingerprint a public image from a remote registry
fingerprint a public image from a remote registry
fingerprint a private image from a remote registry
fingerprint a private image from a remote registry