1. accurics/accurics-cli@0.2.0

accurics/accurics-cli@0.2.0

Partner
Sections
Scan common Infrastructure-as-Code (IaC) templates like Terraform, Kubernetes YAML, Dockerfile, and OpenFaaS YAML to identify and remediate vulnerabilities before provisioning your cloud-native infrastructure. Maintain app and infrastructure security throughout the build and deployment process.
Created: August 5, 2020Version Published: August 24, 2020Releases: 2
Org Usage:
< 25

Orb Quick Start Guide

Use CircleCI version 2.1 at the top of your .circleci/config.yml file.

1 version: 2.1

Add the orbs stanza below your version, invoking the orb:

1 2 orbs: accurics-cli: accurics/accurics-cli@0.2.0

Use accurics-cli elements in your existing workflows and jobs.

Opt-in to use of uncertified orbs on your organization’s Security settings page.

Usage Examples

scan

The Accurics CircleCI Orb scans IaC (Infrastructure as Code) to help identify vulnerabilities prior to cloud deployment.

1 2 3 4 5 6 7 8 9 10 11 12 orbs: accurics: accurics/accurics-cli@x.y.z version: 2.1 workflows: deploy: jobs: - accurics/accurics_scan: directories: ./your-root fail-on-all-errors: true fail-on-violations: false plan-args: '-var your-var=your-value' terraform-version: latest

Jobs

accurics_scan

Run Accurics scan

Show job Source
PARAMETER
DESCRIPTION
REQUIRED
DEFAULT
TYPE
app-id
Accurics CLI Application Token ID
No
ACCURICS_API_KEY
env_var_name
debug-mode
-
No
false
boolean
directories
A list of directories to scan within this repository separated by a space. (default=current directory)
No
.
string
env-id
Environment ID for Accurics to scan
No
ACCURICS_ENV_ID
env_var_name
fail-on-all-errors
Allows Accurics to fail the build when any errors are encountered (default=true)
No
true
boolean
fail-on-violations
Allows Accurics to fail the build when violations are found (default=true)
No
true
boolean
plan-args
Terraform plan arguments
No
''
string
repo-name
Repository Location
No
__empty__
string
terraform-version
The Terraform version used to process the files in this repository (ex: 0.12.26). (default=latest)
No
latest
string
url
Accurics Application URL
No
https://app.accurics.com
string

Commands

scan

Run Accurics scan

Show command Source
PARAMETER
DESCRIPTION
REQUIRED
DEFAULT
TYPE
app-id
Accurics CLI Application Token ID
No
ACCURICS_API_KEY
env_var_name
debug-mode
-
No
false
boolean
directories
A list of directories to scan within this repository separated by a space. (default=current directory)
No
.
string
env-id
Environment ID for Accurics to scan
No
ACCURICS_ENV_ID
env_var_name
fail-on-all-errors
Allows Accurics to fail the build when any errors are encountered (default=true)
No
true
boolean
fail-on-violations
Allows Accurics to fail the build when violations are found (default=true)
No
true
boolean
plan-args
Terraform plan arguments
No
''
string
repo-name
Repository Location
No
__empty__
string
terraform-version
The Terraform version used to process the files in this repository (ex: 0.12.26). (default=latest)
No
latest
string
url
Accurics Application URL
No
https://app.accurics.com
string

Executors

Orb Source

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 # This code is licensed from CircleCI to the user under the MIT license. # See here for details: https://circleci.com/developer/orbs/licensing commands: scan: description: | Run Accurics scan parameters: app-id: default: ACCURICS_API_KEY description: Accurics CLI Application Token ID type: env_var_name debug-mode: default: false type: boolean directories: default: . description: A list of directories to scan within this repository separated by a space. (default=current directory) type: string env-id: default: ACCURICS_ENV_ID description: Environment ID for Accurics to scan type: env_var_name fail-on-all-errors: default: true description: Allows Accurics to fail the build when any errors are encountered (default=true) type: boolean fail-on-violations: default: true description: Allows Accurics to fail the build when violations are found (default=true) type: boolean plan-args: default: "" description: Terraform plan arguments type: string repo-name: default: __empty__ description: Repository Location type: string terraform-version: default: latest description: 'The Terraform version used to process the files in this repository (ex: 0.12.26). (default=latest)' type: string url: default: https://app.accurics.com description: Accurics Application URL type: string steps: - run: command: | /run-scan.sh -m <<parameters.debug-mode>> -t <<parameters.terraform-version>> -d '<<parameters.directories>>' -a '<<parameters.plan-args>>' -e ${<<parameters.env-id>>} -k ${<<parameters.app-id>>} -r '<<parameters.repo-name>>' -u '<<parameters.url>>' -v <<parameters.fail-on-violations>> -f '<<parameters.fail-on-all-errors>>' name: Scan description: | Scan common Infrastructure-as-Code (IaC) templates like Terraform, Kubernetes YAML, Dockerfile, and OpenFaaS YAML to identify and remediate vulnerabilities before provisioning your cloud-native infrastructure. Maintain app and infrastructure security throughout the build and deployment process. display: home_url: https://www.accurics.com source_url: https://github.com/accurics/accurics-orb examples: scan: description: | The Accurics CircleCI Orb scans IaC (Infrastructure as Code) to help identify vulnerabilities prior to cloud deployment. usage: orbs: accurics: accurics/accurics-cli@x.y.z version: 2.1 workflows: deploy: jobs: - accurics/accurics_scan: directories: ./your-root fail-on-all-errors: true fail-on-violations: false plan-args: -var your-var=your-value terraform-version: latest executors: default: docker: - image: accurics/accurics-orb-cli:latest jobs: accurics_scan: description: | Run Accurics scan executor: name: default parameters: app-id: default: ACCURICS_API_KEY description: Accurics CLI Application Token ID type: env_var_name debug-mode: default: false type: boolean directories: default: . description: A list of directories to scan within this repository separated by a space. (default=current directory) type: string env-id: default: ACCURICS_ENV_ID description: Environment ID for Accurics to scan type: env_var_name fail-on-all-errors: default: true description: Allows Accurics to fail the build when any errors are encountered (default=true) type: boolean fail-on-violations: default: true description: Allows Accurics to fail the build when violations are found (default=true) type: boolean plan-args: default: "" description: Terraform plan arguments type: string repo-name: default: __empty__ description: Repository Location type: string terraform-version: default: latest description: 'The Terraform version used to process the files in this repository (ex: 0.12.26). (default=latest)' type: string url: default: https://app.accurics.com description: Accurics Application URL type: string steps: - checkout - scan: app-id: <<parameters.app-id>> debug-mode: <<parameters.debug-mode>> directories: <<parameters.directories>> env-id: <<parameters.env-id>> fail-on-all-errors: <<parameters.fail-on-all-errors>> fail-on-violations: <<parameters.fail-on-violations>> plan-args: <<parameters.plan-args>> repo-name: <<parameters.repo-name>> terraform-version: <<parameters.terraform-version>> url: <<parameters.url>> version: 2.1
Developer Updates
Get tips to optimize your builds
Or join our research panel and give feedback
By submitting this form, you are agreeing to ourTerms of UseandPrivacy Policy.