Chapter 1. Overview of RHTAP standalone CLIs


You can use five standalone CLIs with RHTAP. They’re shipped with Red Hat products that are either components or dependencies of RHTAP:

To check that a CLI binary is available for your architecture, view Chapter 2. Architectures

1.1. CLIs available with RHTAS

The binaries of the Cosign, Rekor, and EC CLIs are shipped as components of RHTAS. After you’ve installed RHTAS, you can download these binaries from the OpenShift cluster using the OpenShift web console.

Cosign

cosign is a tool for signing container images and verifying the signatures.

Rekor

The rekor tool is a data log that stores metadata of signed software artifacts and provides transparency for signatures of those artifacts. With the Rekor CLI, you can make, verify, and query entries in the Rekor transparency log.

EC

Enterprise Contract (EC) is a tool that enhances security of software supply chains. You can use it to define and enforce security policies for building and testing container images.

1.2. CLI used with RHTPA

Syft

Syft is a CLI tool for generating Software Bill of Materials (SBOMs) for container images or your local file systems. It provides detailed information about packages, libraries, and dependencies of your software or file systems. Transparency on the software composition helps you secure your software supply chain and manage vulnerabilities.

Syft is distributed as a standalone container image through Red Hat Ecosystem Catalog. The container image is available for AMD64 architecture on Linux.

1.3. CLI used with ACS

roxctl

roxctl is a CLI tool that performs comprehensive security checks. This tool is available to RHTAP users through ACS. RHTAP pipelines can run three roxctl tasks: roxctl can scan your container images for vulnerabilities and check the build-time violations of your security policies in container images and YAML deployment files.

Red Hat logoGithubRedditYoutubeTwitter

Learn

Try, buy, & sell

Communities

About Red Hat Documentation

We help Red Hat users innovate and achieve their goals with our products and services with content they can trust.

Making open source more inclusive

Red Hat is committed to replacing problematic language in our code, documentation, and web properties. For more details, see the Red Hat Blog.

About Red Hat

We deliver hardened solutions that make it easier for enterprises to work across platforms and environments, from the core datacenter to the network edge.

© 2024 Red Hat, Inc.