Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly
Appearance settings
This repository was archived by the owner on Aug 8, 2021. It is now read-only.

nscuro/dependency-track-client

BranchesTags
Open more actions menu

Repository files navigation

dependency-track-client

Build Status PkgGoDev

Unofficial Go client library and CLI for Dependency-Track

⚠ This project is still very much a work in progress. Please, don't use it in CI/CD pipelines yet ⚠

Installation

GO111MODULE=on go get -v github.com/nscuro/dependency-track-client/...

Compatibility

  • Go >= 1.15
  • Dependency-Track >= 4.0.0

API Coverage

The library primarily covers those parts of the Dependency-Track API that are needed for the CLI application. If you'd like to use this library, and your desired functionality is not yet available, please consider creating a PR.

Usage

Usage:
  dtrack [command]

Available Commands:
  audit       Audit for vulnerabilities and policy violations
  bom         Export and Upload BOMs
  help        Help about any command
  report      Generate reports
  version     Display version information

Flags:
  -k, --apikey string            Dependency-Track API Key
  -h, --help                     help for dtrack
      --project string           Project UUID
      --project-name string      Project Name
      --project-version string   Project Version
  -u, --url string               Dependency-Track URL

Dependency-Track's URL and the API key can be provided via environment variables as well:

$ export DTRACK_URL=https://dependencytrack.example.com
$ export DTRACK_APIKEY=0sl67mjen99zxb2y

Examples

Audit

$ ./dtrack audit \
    --project-name Dependency-Track \
    --project-version 3.8.0 \
    --bom ./bom.xml --autocreate \
    --gate ./examples/qualitygate.yaml

BOM

Export
$ ./dtrack bom export \
    --project-name Dependency-Track \
    --project-version 3.8.0 \
    -o bom.xml
Status
$ ./dtrack bom status \
    --token e043867f-b055-465f-814b-38f3330c2ec2
Upload
$ ./dtrack bom upload \
    --project-name Dependency-Track \
    --project-version 3.8.0 \
    --bom bom.xml --autocreate

Report

$ ./dtrack report \
    --project-name Dependency-Track \
    --project-version 3.8.0 \
    --template ./examples/project-report.gohtml \
    --output report.html

About

Unofficial Go client library and CLI for Dependency-Track

Topics

go cli ci dependency-track

Resources

Readme

License

Apache-2.0 license
Activity

Stars

3 stars

Watchers

1 watching

Forks

2 forks
Report repository

Releases

No releases published

Contributors 2

  •  
  •  

Languages
Morty Proxy This is a proxified and sanitized view of the page, visit original site.