Questo contenuto non è disponibile nella lingua selezionata.

Chapter 1. Overview of RHTAP standalone CLIs


You can use five standalone CLIs with RHTAP. They’re shipped with Red Hat products that are either components or dependencies of RHTAP:

To check that a CLI binary is available for your architecture, view Chapter 2. Architectures

1.1. CLIs available with RHTAS

The binaries of the Cosign, Rekor, and EC CLIs are shipped as components of RHTAS. After you’ve installed RHTAS, you can download these binaries from the OpenShift cluster using the OpenShift web console.

Cosign

cosign is a tool for signing container images and verifying the signatures.

Rekor

The rekor tool is a data log that stores metadata of signed software artifacts and provides transparency for signatures of those artifacts. With the Rekor CLI, you can make, verify, and query entries in the Rekor transparency log.

EC

Enterprise Contract (EC) is a tool that enhances security of software supply chains. You can use it to define and enforce security policies for building and testing container images.

1.2. CLI used with RHTPA

Syft

Syft is a CLI tool for generating Software Bill of Materials (SBOMs) for container images or your local file systems. It provides detailed information about packages, libraries, and dependencies of your software or file systems. Transparency on the software composition helps you secure your software supply chain and manage vulnerabilities.

Syft is distributed as a standalone container image through Red Hat Ecosystem Catalog. The container image is available for AMD64 architecture on Linux.

1.3. CLI used with RHACS

roxctl

roxctl is a CLI tool that performs comprehensive security checks. This tool is available to RHTAP users through RHACS. RHTAP pipelines can run three roxctl tasks: roxctl can scan your container images for vulnerabilities and check the build-time violations of your security policies in container images and YAML deployment files.

Red Hat logoGithubRedditYoutubeTwitter

Formazione

Prova, acquista e vendi

Community

Informazioni sulla documentazione di Red Hat

Aiutiamo gli utenti Red Hat a innovarsi e raggiungere i propri obiettivi con i nostri prodotti e servizi grazie a contenuti di cui possono fidarsi.

Rendiamo l’open source più inclusivo

Red Hat si impegna a sostituire il linguaggio problematico nel codice, nella documentazione e nelle proprietà web. Per maggiori dettagli, visita ilBlog di Red Hat.

Informazioni su Red Hat

Forniamo soluzioni consolidate che rendono più semplice per le aziende lavorare su piattaforme e ambienti diversi, dal datacenter centrale all'edge della rete.

© 2024 Red Hat, Inc.