|
| 1 | +--- |
| 2 | +title: FAQ |
| 3 | +description: "Frequently asked questions" |
| 4 | +--- |
| 5 | + |
| 6 | +<AccordionGroup> |
| 7 | + |
| 8 | +<Accordion title="Where can I find API documentation?"> |
| 9 | +Kosli API documentation is available for logged-in Kosli users at [app.kosli.com/api/v2/doc](https://app.kosli.com/api/v2/doc/). |
| 10 | +You can also find the link at [app.kosli.com](https://app.kosli.com) after clicking your avatar (top-right corner of the page). |
| 11 | +</Accordion> |
| 12 | + |
| 13 | +<Accordion title="Do I have to provide all the flags all the time?"> |
| 14 | +A number of flags won't change their values often (or at all) between commands, like `--org` or `--api-token`. Some will differ between e.g. workflows, like `--flow`. You can define them as environment variables to avoid unnecessary redundancy. Check [Environment variables](/getting_started/install#assigning-flags-via-environment-variables) to learn more. |
| 15 | +</Accordion> |
| 16 | + |
| 17 | +<Accordion title="What is dry run and how to use it?"> |
| 18 | +You can use dry run to disable writing to `app.kosli.com` — e.g. if you're just trying things out, or troubleshooting (dry run will print the payload the CLI would send in a non dry run mode). |
| 19 | + |
| 20 | +There are three ways to enable a dry run: |
| 21 | +1. Use the `--dry-run` flag (no value needed) to enable it per command |
| 22 | +2. Set the `KOSLI_DRY_RUN` environment variable to `true` to enable it globally (e.g. in your terminal or CI) |
| 23 | +3. Set the `KOSLI_API_TOKEN` environment variable to `DRY_RUN` to enable it globally (e.g. in your terminal or CI) |
| 24 | +</Accordion> |
| 25 | + |
| 26 | +<Accordion title="What is the --config-file flag?"> |
| 27 | +A config file is an alternative to using Kosli flags or environment variables. Usually you'd use a config file for values that rarely change — like api token or org — but you can represent all Kosli flags in a config file. The key for each value is the same as the flag name, capitalized, so `--api-token` becomes `API-TOKEN`, and `--org` becomes `ORG`, etc. |
| 28 | + |
| 29 | +You can use JSON, YAML, or TOML format: |
| 30 | + |
| 31 | +<CodeGroup> |
| 32 | +```json kosli-conf.json |
| 33 | +{ |
| 34 | + "ORG": "my-org", |
| 35 | + "API-TOKEN": "123456abcdef" |
| 36 | +} |
| 37 | +``` |
| 38 | + |
| 39 | +```yaml kosli-conf.yaml |
| 40 | +ORG: "my-org" |
| 41 | +API-TOKEN: "123456abcdef" |
| 42 | +``` |
| 43 | +
|
| 44 | +```toml kosli-conf.toml |
| 45 | +ORG = "my-org" |
| 46 | +API-TOKEN = "123456abcdef" |
| 47 | +``` |
| 48 | +</CodeGroup> |
| 49 | + |
| 50 | +When calling a Kosli command you can skip the file extension. For example, to list environments with `org` and `api-token` in the configuration file: |
| 51 | + |
| 52 | +```shell |
| 53 | +kosli list environments --config-file kosli-conf |
| 54 | +``` |
| 55 | + |
| 56 | +`--config-file` defaults to `kosli`, so if you name your file `kosli.<yaml|toml|json>` and the file is in the same location as where you run Kosli commands from, you can skip the `--config-file` altogether. |
| 57 | +</Accordion> |
| 58 | + |
| 59 | +<Accordion title="Reporting the same artifact and evidence multiple times"> |
| 60 | +If an artifact or evidence is reported multiple times there are a few corner cases: |
| 61 | + |
| 62 | +**Template** — When an artifact is reported, the template for the flow is stored together with the artifact. If the template has changed between reports, the last template is considered the template for that artifact. |
| 63 | + |
| 64 | +**Evidence** — If a given named evidence is reported multiple times, the compliance status of the last reported version is considered the compliance state of that evidence. If an artifact is reported multiple times with different git-commits, the last reported version of the named commit-evidence is considered the compliance state. |
| 65 | + |
| 66 | +**Evidence outside the template** — If an artifact has evidence (commit or artifact evidence) that is not part of the template, the state of the extra evidence will affect the overall compliance of the artifact. |
| 67 | +</Accordion> |
| 68 | + |
| 69 | +<Accordion title="How to set compliant status of generic evidence"> |
| 70 | +The `--compliant` flag is a [boolean flag](#boolean-flags). |
| 71 | +To report generic evidence as non-compliant use `--compliant=false`: |
| 72 | + |
| 73 | +```shell |
| 74 | +kosli report evidence artifact generic server:1.0 \ |
| 75 | + --artifact-type docker \ |
| 76 | + --name test \ |
| 77 | + --description "generic test evidence" \ |
| 78 | + --compliant=false \ |
| 79 | + --flow server |
| 80 | +``` |
| 81 | + |
| 82 | +`--compliant` is set to `true` by default, so to report as compliant simply skip the flag altogether. |
| 83 | +</Accordion> |
| 84 | + |
| 85 | +</AccordionGroup> |
| 86 | + |
| 87 | +## Boolean flags |
| 88 | + |
| 89 | +Flags with values can usually be specified with an `=` or with a **space** as a separator. |
| 90 | +For example, `--artifact-type=file` or `--artifact-type file`. |
| 91 | +However, an explicitly specified boolean flag value **must** use an `=`. |
| 92 | +For example, if you try this: |
| 93 | +``` |
| 94 | +kosli attest generic Dockerfile --artifact-type file --compliant true ... |
| 95 | +``` |
| 96 | +You will get an error stating: |
| 97 | +``` |
| 98 | +Error: accepts at most 1 arg(s), received 2 |
| 99 | +``` |
| 100 | +Here, `--artifact-type file` is parsed as if it was `--artifact-type=file`, leaving: |
| 101 | +``` |
| 102 | +kosli attest generic Dockerfile --compliant true ... |
| 103 | +``` |
| 104 | +Then `--compliant` is parsed as if *implicitly* defaulting to `--compliant=true`, leaving: |
| 105 | +``` |
| 106 | +kosli attest generic Dockerfile true ... |
| 107 | +``` |
| 108 | +The parser then sees `Dockerfile` and `true` as the two |
| 109 | +arguments to `kosli attest generic`. |
0 commit comments