Overview
Once installed, you can invoke the CLI using sl:
sl [global options] command [command options] [arguments...]
Windows PowerShell users can invoke the CLI as follows:
# Be sure to execute this command from the directory where you
# saved the sl executable. Alternatively, you can provide the
# relative path (i.e., `<path>\sl.exe`)
sl.exe [global options] command [command options] [arguments...]
The CLI accepts the following commands:
| Command | Description |
|---|---|
| analyze | Analyze applications using preZero |
| auth | Authenticates the CLI with your Qwiet preZero account and associates your applications with your organization |
| check-analysis | Check analysis results against pre-defined build rules |
| check-environment | Check local environment to ensure connectivity and installation of required tools |
| count-lines | Count the lines of code in a given directory |
| ocular | Start Ocular |
| policy | Manage custom policies |
| remediation | Suppress findings |
| subscription | Get subscription information |
| update | Update CLI components |
Global options
You can use the following global options with any sl command.
For easy reuse in future analyses, you can store some command-related information as environment variables (we've provided the specific environment variable below). Note that the values for options set via environment variables override those set in a configuration file (which, in turn, are overridden by those specified via command-line flags).
| Option | Environment variable | Description |
|---|---|---|
--diagnostic | SHIFTLEFT_DIAGNOSTIC | Allows the submission of diagnostic data to Qwiet |
--help, -h | List CLI commands and accepted options | |
--no-auto-update | SHIFTLEFT_NO_AUTO_UPDATE=true | Disables automatic updating of the CLI |
--no-diagnostic | SHIFTLEFT_NO_DIAGNOSTIC=true | Disables the submission of diagnostic data; this is the default setting |
--sl-home <path> | SHIFTLEFT_HOME=<path> | The Qwiet home path for general config and artifacts. Defaults to $HOME/.shiftleft when $HOME exists, and to /etc/shiftleft if $HOME does not exist |
--updates-download-timeout <timeout> | SHIFTLEFT_UPDATES_DOWNLOAD_TIMEOUT=<timeout> | Timeout (e.g. '15m') userd when downloading updates; if this isn't set, the CLI applies no timeouts |
--updates-read-timeout <timeout> | SHIFTLEFT_UPDATES_READ_TIMEOUT=<timeout> | Idle timeout (e.g. '30s') used when downloading data updates; if this isn't set, the CLI applies no timeouts. Default: 3 minutes (3m0s) |
--verbose | SHIFTLEFT_VERBOSE=true | Verbose mode |
--version, -v | Displays the Qwiet CLI version | |
https_proxy=<proxy> | Proxy configuration | |
--strict | SHIFTLEFT_STRICT=true | Treat failures (including a timeout) as errors and exit with an error code accordingly |
Response codes
The sl command returns exit code 0 unless:
- check-analysis determines that a build rule fails;
- There are issues with the configuration file (e.g., invalid configuration, corrupted file);
- There is an error of any type (e.g., missing access token, missing artifact), and the user passes in the
--strictflag.
If any of the above conditions exist, sl exits and returns error code 1.