# README
vulcan-core-cli
This repository contains:
-
A tool to execute and monitor Vulcan checks using the Vulcan Core API.
-
A package with a go client to REST vulcan-core api. Import path:
github.com/adevinta/vulcan-core-cli/vulcan-core/client -
A swagger specification of the vulcan core api. Thar spec can be found in: github.com/adevinta/vulcan-core-cli/_resources/swagger.yaml
Installing the cli.
go get -v github.com/adevinta/vulcan-core-cli
Use the cli.
Execute vulcan-core-cli and check its commands and options.
Commands
Current commands are:
scan
It's similar to cscan, but in this case both the list of targets and checktypes must be provided (using the same format than the targets and checktypes filters from above).
Example:
vulcan-core-cli scan targets.txt checktypes.txt -o /tmp/
monitor
After running cscan or scan commands, the checks are executed by Vulcan Core. The monitor command will poll Vulcan Core for the checks status, until all the checks are in a final state (like FINISHED).
Example:
$ vulcan-core-cli monitor /tmp/37620de0-2484-4304-9724-1278ad837937.gob -i 10
Vulcan-core-api
The rest api it's implemented in the vulcan-scan-engine except for the assettypes and checktypes endpoints that are still implemented in the vulcan-persistence.
API Definition
There's a swagger document that describes it.
API Client
The API client is autogenerated in go using the goa framework.
The API design using the goa DSL language can be found in the design folder.
The current client can be imported in go with this import path:
"github.com/adevinta/vulcan-core-cli/vulcan-core/client"
To generate the client the and swagger definition from the goa design files execute:
cd vulcan-core
source clear.sh
source build.sh