nctl scan helm

nctl scan helm

scan helm-charts

nctl scan helm [flags]

Examples


  # Scan a Helm chart from a local path
  nctl scan helm -r /path/to/helm-chart

  # Scan a Helm chart with a specific policy set
  nctl scan helm -r /path/to/helm-chart --policy-sets pss-baseline,pss-restricted

  # Scan a Helm chart with local and remote policy files
  nctl scan helm -r /path/to/helm-chart -p /path/to/policy.yaml,https://github.com/example/policy.yaml

  # Specify output format and save results to a file
  nctl scan helm -r /path/to/helm-chart -o json --output-file results.json

  # Enable detailed result view for violating resources
  nctl scan helm -r /path/to/helm-chart --details

  # Disable color in the scan report output
  nctl scan helm -r /path/to/helm-chart --no-color

Options

      --audit-as-warn            Report violations from policies in audit mode as warnings instead of failures
      --details                  Show result details for violating resources
  -e, --exceptions strings       Policy exceptions to be considered when evaluating policies against resources
  -h, --help                     help for helm
      --insecure                 allow connection to an address with a self-signed or non-verifiable certificate (not recommended)
      --kube-context string      the kube context from configured kubeconfig. Default is the current or sole context
      --kubeconfig string        kubeconfig path (defaults to $HOME/.kube/kubeconfig)
      --no-color                 disable the colors for the stdout reports
  -o, --output string            Output format (text, sarif, json, yaml, polr, scan-report) (default "text")
      --output-file string       Output file
  -p, --policies strings         Path to policy files (local path, github URL, helm URL)
      --policy-sets strings      Comma-separated policy set names (pss-baseline, pss-restricted, rbac-best-practices)
      --policy-view              Use with --details to reverse the view from resource->policy to policy->resource
      --publish                  Publish reports
      --publish-token string     scan reports publish token
      --report-sourceid string   Add source id for report created for local scan
  -r, --resources strings        Path to resource files (local path, github URL)
      --token string             Nirmata API Login Key (env NIRMATA_TOKEN)
      --url string               Nirmata server base URL (env NIRMATA_URL)
      --values string            File containing values for policy variables
      --values-file strings      Path to values files

Options inherited from parent commands

  -v, --v Level   log level for V logs

SEE ALSO