poutine
Supply Chain Vulnerability Scanner for Build Pipelines by BoostSecurity.io
Installation
dagger install github.com/boostsecurityio/poutine@v0.16.0
Entrypoint
Return Type
Poutine !
Arguments
Name | Type | Default Value | Description |
---|---|---|---|
config | String | - | Path to the configuration file |
configSrc | Directory | - | Directory containing additional configuration files |
format | String | - | Output format (pretty, json, sarif) |
scm | String | - | SCM platform |
scmBaseUrl | String | - | Base URI of the self-hosted SCM platform |
threads | String | - | The number of threads to use for analysis |
version | String | - | Version of poutine to use |
Example
dagger -m github.com/boostsecurityio/poutine@4d52b8ec756605ecac71aa1f8b13b73827ae2ac7 call \
func (m *myModule) example() *Poutine {
return dag.
Poutine()
}
@function
def example() -> dag.Poutine:
return (
dag.poutine()
)
@func()
example(): Poutine {
return dag
.poutine()
}
Types
Poutine 🔗
Poutine analysis options
config() 🔗
Return Type
String !
Example
dagger -m github.com/boostsecurityio/poutine@4d52b8ec756605ecac71aa1f8b13b73827ae2ac7 call \
config
func (m *myModule) example(ctx context.Context) string {
return dag.
Poutine().
Config(ctx)
}
@function
async def example() -> str:
return await (
dag.poutine()
.config()
)
@func()
async example(): Promise<string> {
return dag
.poutine()
.config()
}
configSrc() 🔗
Return Type
Directory !
Example
dagger -m github.com/boostsecurityio/poutine@4d52b8ec756605ecac71aa1f8b13b73827ae2ac7 call \
config-src
func (m *myModule) example() *Directory {
return dag.
Poutine().
ConfigSrc()
}
@function
def example() -> dagger.Directory:
return (
dag.poutine()
.config_src()
)
@func()
example(): Directory {
return dag
.poutine()
.configSrc()
}
format() 🔗
Return Type
String !
Example
dagger -m github.com/boostsecurityio/poutine@4d52b8ec756605ecac71aa1f8b13b73827ae2ac7 call \
format
func (m *myModule) example(ctx context.Context) string {
return dag.
Poutine().
Format(ctx)
}
@function
async def example() -> str:
return await (
dag.poutine()
.format()
)
@func()
async example(): Promise<string> {
return dag
.poutine()
.format()
}
scm() 🔗
Return Type
String !
Example
dagger -m github.com/boostsecurityio/poutine@4d52b8ec756605ecac71aa1f8b13b73827ae2ac7 call \
scm
func (m *myModule) example(ctx context.Context) string {
return dag.
Poutine().
Scm(ctx)
}
@function
async def example() -> str:
return await (
dag.poutine()
.scm()
)
@func()
async example(): Promise<string> {
return dag
.poutine()
.scm()
}
scmBaseUrl() 🔗
Return Type
String !
Example
dagger -m github.com/boostsecurityio/poutine@4d52b8ec756605ecac71aa1f8b13b73827ae2ac7 call \
scm-base-url
func (m *myModule) example(ctx context.Context) string {
return dag.
Poutine().
ScmBaseUrl(ctx)
}
@function
async def example() -> str:
return await (
dag.poutine()
.scm_base_url()
)
@func()
async example(): Promise<string> {
return dag
.poutine()
.scmBaseUrl()
}
threads() 🔗
Return Type
String !
Example
dagger -m github.com/boostsecurityio/poutine@4d52b8ec756605ecac71aa1f8b13b73827ae2ac7 call \
threads
func (m *myModule) example(ctx context.Context) string {
return dag.
Poutine().
Threads(ctx)
}
@function
async def example() -> str:
return await (
dag.poutine()
.threads()
)
@func()
async example(): Promise<string> {
return dag
.poutine()
.threads()
}
version() 🔗
Return Type
String !
Example
dagger -m github.com/boostsecurityio/poutine@4d52b8ec756605ecac71aa1f8b13b73827ae2ac7 call \
version
func (m *myModule) example(ctx context.Context) string {
return dag.
Poutine().
Version(ctx)
}
@function
async def example() -> str:
return await (
dag.poutine()
.version()
)
@func()
async example(): Promise<string> {
return dag
.poutine()
.version()
}
quiet() 🔗
Return Type
Boolean !
Example
dagger -m github.com/boostsecurityio/poutine@4d52b8ec756605ecac71aa1f8b13b73827ae2ac7 call \
quiet
func (m *myModule) example(ctx context.Context) bool {
return dag.
Poutine().
Quiet(ctx)
}
@function
async def example() -> bool:
return await (
dag.poutine()
.quiet()
)
@func()
async example(): Promise<boolean> {
return dag
.poutine()
.quiet()
}
container() 🔗
Return Type
Container !
Example
dagger -m github.com/boostsecurityio/poutine@4d52b8ec756605ecac71aa1f8b13b73827ae2ac7 call \
container
func (m *myModule) example() *Container {
return dag.
Poutine().
Container()
}
@function
def example() -> dagger.Container:
return (
dag.poutine()
.container()
)
@func()
example(): Container {
return dag
.poutine()
.container()
}
analyzeLocal() 🔗
Analyze a Git repository in a directory
Return Type
String !
Arguments
Name | Type | Default Value | Description |
---|---|---|---|
src | Directory ! | - | No description provided |
Example
dagger -m github.com/boostsecurityio/poutine@4d52b8ec756605ecac71aa1f8b13b73827ae2ac7 call \
analyze-local --src DIR_PATH
func (m *myModule) example(ctx context.Context, src *Directory) string {
return dag.
Poutine().
AnalyzeLocal(ctx, src)
}
@function
async def example(src: dagger.Directory) -> str:
return await (
dag.poutine()
.analyze_local(src)
)
@func()
async example(src: Directory): Promise<string> {
return dag
.poutine()
.analyzeLocal(src)
}
analyzeRepo() 🔗
Analyze a remote repository
Return Type
String !
Arguments
Name | Type | Default Value | Description |
---|---|---|---|
repo | String ! | - | Repository to analyze in the format owner/repo |
token | Secret ! | - | SCM access token |
ref | String | - | Git ref to analyze |
Example
dagger -m github.com/boostsecurityio/poutine@4d52b8ec756605ecac71aa1f8b13b73827ae2ac7 call \
analyze-repo --repo string --token env:MYSECRET
func (m *myModule) example(ctx context.Context, repo string, token *Secret) string {
return dag.
Poutine().
AnalyzeRepo(ctx, repo, token)
}
@function
async def example(repo: str, token: dagger.Secret) -> str:
return await (
dag.poutine()
.analyze_repo(repo, token)
)
@func()
async example(repo: string, token: Secret): Promise<string> {
return dag
.poutine()
.analyzeRepo(repo, token)
}
analyzeOrg() 🔗
Analyze an organization’s repositories
Return Type
String !
Arguments
Name | Type | Default Value | Description |
---|---|---|---|
org | String ! | - | Organization name |
token | Secret ! | - | SCM access token |
ignoreForks | Boolean | - | Ignore forked repositories |
Example
dagger -m github.com/boostsecurityio/poutine@4d52b8ec756605ecac71aa1f8b13b73827ae2ac7 call \
analyze-org --org string --token env:MYSECRET
func (m *myModule) example(ctx context.Context, org string, token *Secret) string {
return dag.
Poutine().
AnalyzeOrg(ctx, org, token)
}
@function
async def example(org: str, token: dagger.Secret) -> str:
return await (
dag.poutine()
.analyze_org(org, token)
)
@func()
async example(org: string, token: Secret): Promise<string> {
return dag
.poutine()
.analyzeOrg(org, token)
}