Skip to content

Commit 15f1302

Browse files
lloeschelloesche
authored
Add CLI docs (#173)
1 parent d8f13b4 commit 15f1302

File tree

2 files changed

+79
-1
lines changed

2 files changed

+79
-1
lines changed

docs/cli.mdx

Lines changed: 78 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,78 @@
1+
---
2+
sidebar_position: 3
3+
---
4+
5+
# CLI
6+
7+
Fix Enterprise users can use `fixctl` to integrate Fix into their CI/CD pipelines, automate security checks, and more.
8+
9+
## Installation
10+
11+
### Direct Download
12+
13+
| OS | Architecture | Download |
14+
| ------- | ------------ | ------------------------------------------------------------------------------------------------------------ |
15+
| Linux | x86_64 | [Download](https://github.com/someengineering/fixctl/releases/download/0.0.7/fixctl-linux-amd64-0.0.7) |
16+
| Linux | arm64 | [Download](https://github.com/someengineering/fixctl/releases/download/0.0.7/fixctl-linux-arm64-0.0.7) |
17+
| macOS | Universal | [Download](https://github.com/someengineering/fixctl/releases/download/0.0.7/fixctl-macos-universal-0.0.7) |
18+
| Windows | x86_64 | [Download](https://github.com/someengineering/fixctl/releases/download/0.0.7/fixctl-windows-amd64-0.0.7.exe) |
19+
| Windows | arm64 | [Download](https://github.com/someengineering/fixctl/releases/download/0.0.7/fixctl-windows-arm64-0.0.7.exe) |
20+
21+
Once downloaded make the binary executable and move it to a directory in your `PATH`.
22+
23+
### Using Homebrew
24+
25+
To install `fixctl` using [Homebrew](https://brew.sh/), run the following command:
26+
27+
```bash
28+
$ brew install someengineering/tap/fixctl
29+
```
30+
31+
## Usage
32+
33+
```bash
34+
Usage of fixctl:
35+
--csv-headers: CSV headers (comma-separated, relative to /reported by default) (default "id,name,kind,/ancestors.cloud.reported.id,/ancestors.account.reported.id,/ancestors.region.reported.id")
36+
--endpoint: API endpoint URL (env FIX_ENDPOINT) (default "https://app.fix.security")
37+
--format: Output format: json, yaml or csv (default "json")
38+
--help: Display help information (default "false")
39+
--search: Search string (default "")
40+
--token: Auth token (env FIX_TOKEN) (default "")
41+
--with-edges: Include edges in search results (default "false")
42+
--workspace: Workspace ID (env FIX_WORKSPACE) (default "")
43+
```
44+
45+
Go to your [user settings](https://app.fix.security/user-settings) and create an API token. Set the `FIX_TOKEN` environment variable to the token value.
46+
47+
Then go to your [workspace settings](https://app.fix.security/workspace-settings) and export `FIX_WORKSPACE` to the workspace ID you want to query.
48+
49+
```bash title="Example export commands"
50+
$ export FIX_TOKEN=fix_e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
51+
$ export FIX_WORKSPACE=381cf723-65cb-469e-8d63-95d7c5249a8c
52+
```
53+
54+
### Examples
55+
56+
#### Search for orphaned AWS EBS volumes and output CSV format
57+
58+
Search for available AWS EBS volumes that have not been accessed in the last 7 days and output in CSV format.
59+
60+
```bash
61+
$ fixctl --format csv --search "is(aws_ec2_volume) and volume_status = available and last_access > 7d"
62+
vol-0adeedfc71dcbe9d5,ResotoEKS-dynamic-pvc-e575191f-d4f3-4253-96e4-399ded05bf14,aws_ec2_volume,aws,752466027617,eu-central-1
63+
vol-0ae5f3fad85b7b3c6,vol-0ae5f3fad85b7b3c6,aws_ec2_volume,aws,625596817853,eu-central-1
64+
vol-0fe068d91a8aaaced,ResotoEKS-dynamic-pvc-08ded29a-70c9-4d36-9d28-727140850d96,aws_ec2_volume,aws,752466027617,eu-central-1
65+
```
66+
67+
#### Pass data to jq and generate AWS CLI commands
68+
69+
The default output format for `fixctl` is JSON. Here we search for the same orphaned volumes and use [`jq`](https://jqlang.github.io/jq/) to format the output as `aws ec2 delete-volume` commands.
70+
71+
```bash
72+
$ fixctl --search "is(aws_ec2_volume) and volume_status = available and last_access > 30d" | jq -r '. | "aws ec2 delete-volume --volume-id \(.reported.id) --region \(.ancestors.region.reported.id) --profile \(.ancestors.account.reported.id)"'
73+
aws ec2 delete-volume --volume-id vol-0adeedfc71dcbe9d5 --region eu-central-1 --profile 752466027617
74+
aws ec2 delete-volume --volume-id vol-0ae5f3fad85b7b3c6 --region eu-central-1 --profile 625596817853
75+
aws ec2 delete-volume --volume-id vol-0fe068d91a8aaaced --region eu-central-1 --profile 752466027617
76+
```
77+
78+
This output could be piped to a shell and executed directly or saved to a shellscript file for later use.

docs/ui/index.mdx

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,5 +1,5 @@
11
---
2-
sidebar_position: 1
2+
sidebar_position: 2
33
---
44

55
# User interface

0 commit comments

Comments
 (0)