Skip to main content

CLI tool of boman.ai

Project description

Introduction

Boman CLI is a Orchestration script written in python to run security scans on the local or CI/CD environment and upload the results to Boman.ai SaaS server.

Installation

pip install boman-cli

Getting Started

For help

boman-cli -h

Authentication of project has been moved from boman.yaml to boman-cli

boman-cli -a run -at <project token> -ct <customer token>

To obtain project token and customer token. Go to SaaS platform. Click on Apps -> app menu of the particular app -> Get Scan Token

To test the boman cli server

boman-cli -a test-saas

To test the boman configuration written in boman.yaml file

boman-cli -a test-yaml

To run the scan

boman-cli -a run

To run the scan on specific Boman SaaS URL (On prem)

boman-cli -a run -u {URL}

To fail build on high/medium/low finding is detected

boman-cli -a run -fb {severity}

Severity can be high, medium or low.

Example: boman-cli -a run -fb high

To custom change the boman.yaml file, pass the custom file name as input for -config argument

boman-cli -a run -config <custom_boman_yaml_file_name_here>

Example: boman-cli -a run -config ./customboman.yaml

To inject custom zap auth session script file, pass the custom file name as input for -zap_session_script argument

boman-cli -a run -zap_session_script <custom_session_script_file_name_here>

Example: boman-cli -a run -zap_session_script ./session.js

Error codes

0 : Successfull scan 1 : Server/SaaS error 2 : Auth error 3 : Docker/System error 4 : Misconfig error

Release Note:

V2.3.0

  • New: The pipeline configuration has been relocated from boman.yaml to the SaaS platform. Navigate to Apps -> App menu -> Configure pipeline to set it up. The current boman.yaml configuration will remain functional until it is officially deprecated.

V2.2.0

- New scan added: IaC.

V2.1.1

- Ignore files or directory for SAST and SCA

V2.1

- New scan added: SBOM.

V2.0

- New scan added: Container scan.
- New Tool added for SCA scan type.

V1.9:

- [Bug fix] Updated the Upload Logs success message

Released on: 21 June 2024

V1.8:

- Adapted to our new Boman SaaS platform

Released on: 20 June 2024

V1.7:

- Fixed docker-request libraries issue
- Zap Authenticated scan 
- Fetch Git details
- custom boman.yaml and zap session script load option

Released on: 21 May 2024

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

boman-cli-2.4.0.tar.gz (28.4 kB view details)

Uploaded Source

File details

Details for the file boman-cli-2.4.0.tar.gz.

File metadata

  • Download URL: boman-cli-2.4.0.tar.gz
  • Upload date:
  • Size: 28.4 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/5.1.1 CPython/3.10.12

File hashes

Hashes for boman-cli-2.4.0.tar.gz
Algorithm Hash digest
SHA256 667e1bf3b7e98831e6d86fbdce0c4c0d1ec5704af708a05d042d499979271616
MD5 31dd2f234a8c3f6a6fc0292891e6811a
BLAKE2b-256 f662e8c48b2888561a59a087749ec49c2c8b06287837035ff4e70453dd4a3d35

See more details on using hashes here.

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page