valint_discard
valint discard
Discard evidence
Synopsis
Discard evidence
valint discard [TARGET] [flags]
Optional flags
Flags for discard subcommand
| Short | Long | Description | Default |
|---|---|---|---|
| --current | Discard evidence attached to the current context | ||
| -h | --help | help for discard | |
| --interactive | Force interactive mode for the discard list | ||
| --ref | Evidence store refrence | ||
| --silent | Automatically accept the discard list | ||
| --store | Select evidence store |
Global options flags
Flags for all valint subcommands
| Short | Long | Description | Default |
|---|---|---|---|
| --cache-enable | Enable local cache | true | |
| -c | --config | Configuration file path | |
| -C | --context-type | CI context type, options=[jenkins github circleci azure gitlab travis tekton bitbucket local admission] | |
| --deliverable | Mark as deliverable, options=[true, false] | ||
| -e | --env | Environment keys to include in evidence | |
| -G | --gate | Policy Gate name | |
| -L | --label | Add Custom labels | |
| --level | Log depth level, options=[panic fatal error warning info debug trace] | ||
| --log-context | Attach context to all logs | ||
| --log-file | Output log to file | ||
| -d | --output-directory | Output directory path | "${XDG_CACHE_HOME}/valint" |
| -O | --output-file | Output file name | |
| -p | --pipeline-name | Pipeline name | |
| --predicate-type | Custom Predicate type (generic evidence format) | "http://scribesecurity.com/evidence/generic/v0.1" | |
| -n | --product-key | Product Key | |
| -V | --product-version | Product Version | |
| -q | --quiet | Suppress all logging output | |
| -U | --scribe.client-id | Scribe Client ID (deprecated) | |
| -P | --scribe.client-secret | Scribe Client Token | |
| -D | --scribe.disable | Disable scribe client | |
| -E | --scribe.enable | Enable scribe client (deprecated) | |
| -u | --scribe.url | Scribe API Url | "https://api.scribesecurity.com" |
| -s | --show | Print evidence to stdout | |
| --structured | Enable structured logger | ||
| --timeout | Timeout duration | "120s" | |
| -v | --verbose | Log verbosity level [-v,--verbose=1] = info, [-vv,--verbose=2] = debug |
Examples for running valint discard
valint discard <target>
<target> Target object name format=[<image:tag>, <dir path>, <git url>]
valint discard discard all evidence in local context
valint discard --context-type github discard all evidence in pipeline
valint discard alpine:latest discard all evidence for Docker image
valint discard alpine:latest --silent silently discard evidence
valint discard alpine:latest --interactive ask user before discarding evidence
valint discard alpine:latest --product-key my_product discard all evidence in product
valint discard alpine:latest -vv --product-key my_product --product-version v0.0.1 discard all evidence in product version
valint discard alpine:latest --context-type github discard all evidence for Docker images generated by the current pipeline
valint discard alpine:latest -vv show verbose debug information
Supports the following image sources:
valint discard yourrepo/yourimage:tag defaults to using images from a Docker daemon. If Docker is not present, the image is pulled directly from the registry.
You can also explicitly specify the scheme to use:
valint discard docker:yourrepo/yourimage:tag explicitly use the Docker daemon
valint discard docker-archive:path/to/yourimage.tar use a tarball from disk for archives created from "docker save"
valint discard oci-archive:path/to/yourimage.tar use a tarball from disk for OCI archives (from Skopeo or otherwise)
valint discard dir:path/to/yourproject read directly from a path on disk (any directory)
valint discard registry:yourrepo/yourimage:tag pull image directly from a registry (no container runtime required)
valint discard file:path/to/yourproject/file read directly from a path on disk (any single file)
SEE ALSO
- valint - Validate Supply Chain Integrity