From a106c0792cfec972a1a94294a3f3fb5643b41ea8 Mon Sep 17 00:00:00 2001 From: mahanth <22050509+gnmahanth@users.noreply.github.com> Date: Wed, 4 Dec 2024 16:45:46 +0530 Subject: [PATCH] update docs related to licence key changes (#81) --- README.md | 15 ++++++++++++++- main.go | 6 ++++-- 2 files changed, 18 insertions(+), 3 deletions(-) diff --git a/README.md b/README.md index 8c4c007..f36822d 100644 --- a/README.md +++ b/README.md @@ -14,17 +14,30 @@ Every [release](https://github.com/deepfence/package-scanner/releases) of packag ## Usage +Run this command to generate a license key. Work/official email id has to be used. +```shell +curl https://license.deepfence.io/threatmapper/generate-license?first_name=&last_name=&email=&company=&resend_email=true +``` + ### Image scan +Set product and licence key to download the vulnerability database needed for the scan + ```shell docker pull longhornio/csi-snapshotter:v6.2.1 +export DEEPFENCE_PRODUCT= +export DEEPFENCE_LICENSE= ./package-scanner -source longhornio/csi-snapshotter:v6.2.1 -container-runtime docker docker pull nginx:latest +export DEEPFENCE_PRODUCT= +export DEEPFENCE_LICENSE= ./package-scanner -source nginx:latest -severity critical ``` ### Directory scan ```shell +export DEEPFENCE_PRODUCT= +export DEEPFENCE_LICENSE= ./package-scanner --source dir: ``` @@ -46,5 +59,5 @@ nginx latest 1403e55ab369 8 d ## Docker image standalone usage example ``` docker pull nginx:latest -docker run -it --rm -v /var/run/docker.sock:/var/run/docker.sock --name package-scanner quay.io/deepfenceio/deepfence_package_scanner_cli:2.5.0 -source nginx:latest +docker run -it --rm -e DEEPFENCE_PRODUCT= -e DEEPFENCE_LICENSE= -v /var/run/docker.sock:/var/run/docker.sock --name package-scanner quay.io/deepfenceio/deepfence_package_scanner_cli:2.5.0 -source nginx:latest ``` diff --git a/main.go b/main.go index 6b7379a..e16b7ad 100644 --- a/main.go +++ b/main.go @@ -35,6 +35,8 @@ var ( severities = []string{utils.CRITICAL, utils.HIGH, utils.MEDIUM, utils.LOW} productENV = utils.GetEnvOrDefault("DEEPFENCE_PRODUCT", "ThreatMapper") licenseENV = utils.GetEnvOrDefault("DEEPFENCE_LICENSE", "") + dfConsoleURL = utils.GetEnvOrDefault("DEEPFENCE_MGMT_CONSOLE_URL", "") + dfKey = utils.GetEnvOrDefault("DEEPFENCE_KEY", "") version string userCacheDir string ) @@ -50,10 +52,10 @@ var ( port = flag.String("port", "", "Port for grpc server") output = flag.String("output", utils.TableOutput, "Output format: json or table") quiet = flag.Bool("quiet", false, "Don't display any output in stdout") - consoleURL = flag.String("console-url", "", "Deepfence Management Console URL") + consoleURL = flag.String("console-url", dfConsoleURL, "Deepfence Management Console URL") consolePort = flag.Int("console-port", 443, "Deepfence Management Console Port") vulnerabilityScan = flag.Bool("vulnerability-scan", false, "Publish SBOM to Deepfence Management Console and run Vulnerability Scan") - deepfenceKey = flag.String("deepfence-key", "", "Deepfence key for auth") + deepfenceKey = flag.String("deepfence-key", dfKey, "Deepfence key for auth") source = flag.String("source", "", "Image name (nginx:latest) or directory (dir:/)") scanType = flag.String("scan-type", "base,java,python,ruby,php,javascript,rust,rust-binary,golang,golang-binary,dotnet", "base,java,python,ruby,php,javascript,rust,rust-binary,golang,golang-binary,dotnet") scanID = flag.String("scan-id", "", "(Optional) Scan id")