Git-Mirrors/constellation
1
0
Fork 0
mirror of https://github.com/edgelesssys/constellation.git synced 2025-06-24 22:20:40 -04:00
Code Issues Projects Releases Packages Wiki Activity

Figure out and document styling of player.

Browse source 
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
This commit is contained in:
Fabian Kammel 2023-02-13 12:26:50 +00:00 committed by Moritz Eckert
parent ad103e6d7a
commit 2f5bb77fbb
12 changed files with 2860 additions and 1114 deletions
Download patch file Download diff file Expand all files Collapse all files

2
docs/docs/workflows/verify-cli.md
View file

@ -2,7 +2,7 @@
import AsciinemaWidget from '../../src/components/AsciinemaWidget'; import AsciinemaWidget from '../../src/components/AsciinemaWidget';
<AsciinemaWidget src="/constellation/assets/verify-cli.cast" fontSize={16} rows={18} cols={80} idleTimeLimit={3} preload={true} /> <AsciinemaWidget src="/constellation/assets/verify-cli.cast" fontSize={16} rows={18} cols={80} idleTimeLimit={3} preload={true} theme={'edgeless'} />
Edgeless Systems uses [sigstore](https://www.sigstore.dev/) and [SLSA](https://slsa.dev) to ensure supply-chain security for the Constellation CLI and node images ("artifacts"). sigstore consists of three components: [Cosign](https://docs.sigstore.dev/cosign/overview), [Rekor](https://docs.sigstore.dev/rekor/overview), and Fulcio. Edgeless Systems uses Cosign to sign artifacts. All signatures are uploaded to the public Rekor transparency log, which resides at https://rekor.sigstore.dev/. Edgeless Systems uses [sigstore](https://www.sigstore.dev/) and [SLSA](https://slsa.dev) to ensure supply-chain security for the Constellation CLI and node images ("artifacts"). sigstore consists of three components: [Cosign](https://docs.sigstore.dev/cosign/overview), [Rekor](https://docs.sigstore.dev/rekor/overview), and Fulcio. Edgeless Systems uses Cosign to sign artifacts. All signatures are uploaded to the public Rekor transparency log, which resides at https://rekor.sigstore.dev/.

61
docs/screencasts/README.md Normal file
View file

@ -0,0 +1,61 @@
# Screencast / Asciinema
[Asciinema](https://github.com/asciinema/asciinema) is used to automatically generate
terminal session recordings for our documentation. To fully automate this we use scripts
that utilize [expect](https://linux.die.net/man/1/expect) to interface with different
CLI tools, and run them inside a [container](docker/Dockerfile).
## Usage
```sh
./generate-screencasts.sh
```
This will:
+ build the container
+ run the expect based scripts
+ copy recordings into the assets folder of our docs
To replay the output you can use `asciinema play recordings/verify-cli.cast`.
Include the generated screencast into our docs using the [`AsciinemaWidget`](../src/components/AsciinemaWidget/index.js):
```md
import AsciinemaWidget from '../../src/components/AsciinemaWidget';
<AsciinemaWidget src="/constellation/assets/verify-cli.cast" fontSize={16} rows={18} cols={80} idleTimeLimit={3} preload={true} theme={'edgeless'} />
```
Then [re-build and locally host the docs](../README.md).
## Styling
There are three different locations were styling is applied:
1. **The prompt** is styled using [ANSI escape codes](https://en.wikipedia.org/wiki/ANSI_escape_code).
More explanation and the actual color codes can be found in [Dockerfile](docker/Dockerfile).
2. **Font size and player dimensions** are passed to the [`AsciinemaWidget`](../src/components/AsciinemaWidget/index.js)
when it is [embedded in the docs](../docs/workflows/verify-cli.md#5). Check the `asciinema-player` for a
[full list of options](https://github.com/asciinema/asciinema-player#options).
3. **Everything else** is [styled via CSS](../src/css/custom.css). This includes the option to build a custom
[player theme](https://github.com/asciinema/asciinema-player/wiki/Custom-terminal-themes).
## GitHub README.md
The GitHub `README.md` does not support embedding the `asciinema-player`, therefore we generate an
`svg` file for that usecase.
{"version": 2, "width": 0, "height": 0, "timestamp": 1676289328, "env": {"SHELL": "/bin/bash", "TERM": "xterm-256color"}}
=> TODO: Automate that change
{"version": 2, "width": 95, "height": 17, "timestamp": 1676289328, "env": {"SHELL": "/bin/bash", "TERM": "xterm-256color"}}
```sh
# https://github.com/nbedos/termtosvg
# Archived since 2020, do we want to change?
pip3 install termtosvg
# Window-frame.svg contains the styling information
termtosvg render recordings/readme.cast readme.svg -t window-frame.svg
cp readme.svg ../static/img/shell-windowframe.svg
```

66
docs/screencasts/demo.svg Normal file
View file

@ -0,0 +1,66 @@
<svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" id="terminal" baseProfile="full" viewBox="0 0 143 285" width="143" version="1.1">
<defs>
<termtosvg:template_settings xmlns:termtosvg="https://github.com/nbedos/termtosvg">
<termtosvg:screen_geometry columns="12" rows="12"/>
<termtosvg:animation type="css"/>
</termtosvg:template_settings>
<style type="text/css" id="generated-style"><![CDATA[#screen {
font-family: 'DejaVu Sans Mono', monospace;
font-style: normal;
font-size: 14px;
}
text {
dominant-baseline: text-before-edge;
white-space: pre;
}
:root {
--animation-duration: 1001ms;
}
@keyframes roll {
0.000%{transform:translateY(0px)}
0.100%{transform:translateY(-238px)}
100.000%{transform:translateY(-238px)}
}
#screen_view {
animation-duration: 1001ms;
animation-iteration-count:infinite;
animation-name:roll;
animation-timing-function: steps(1,end);
animation-fill-mode: forwards;
}
]]></style>
<style type="text/css" id="user-style">
/* The colors defined below are the default 16 colors used for rendering text of the terminal. Adjust
them as needed.
gjm8 color theme (source: https://terminal.sexy/) */
/* customized colors 10, 11, and 14 */
.foreground {fill: #f8f8f2}
.background {fill: #272822}
.color0 {fill: #272822}
.color1 {fill: #f92672}
.color2 {fill: #a6e22e}
.color3 {fill: #f4bf75}
.color4 {fill: #66d9ef}
.color5 {fill: #ae81ff}
.color6 {fill: #a1efe4}
.color7 {fill: #f8f8f2}
.color8 {fill: #75715e}
.color9 {fill: #fd971f}
.color10 {fill: #8b04dd}
.color11 {fill: #dcaf3b}
.color12 {fill: #a59f85}
.color13 {fill: #f5f4f1}
.color14 {fill: #90ff99}
.color15 {fill: #f9f8f5}
</style>
</defs>
<rect id="terminalui" class="background" width="100%" height="100%" ry="4.5826941"/>
<circle cx="24" cy="23" r="7" class="color1"/>
<circle cx="44" cy="23" r="7" class="color3"/>
<circle cx="64" cy="23" r="7" class="color2"/>
<svg id="screen" width="96" height="204" x="23" y="50" viewBox="0 0 96 204" preserveAspectRatio="xMidYMin slice"><rect class="background" height="100%" width="100%" x="0" y="0"/><defs><g id="g1"><text x="0" textLength="8" class="background"> </text></g><g id="g2"><text x="0" textLength="96" class="foreground">\[\e[43;30m\</text></g><g id="g3"><text x="0" textLength="96" class="foreground">][\t]\w\r\n[</text></g><g id="g4"><text x="0" textLength="96" class="foreground">\u@\h]\$\[\e</text></g><g id="g5"><text x="0" textLength="40" class="foreground">[0m\]</text><text x="40" textLength="8" class="background"> </text></g></defs><g id="screen_view"><g><rect x="0" y="0" width="8" height="17" class="foreground"/><use xlink:href="#g1" y="0"/></g><g><use xlink:href="#g2" y="238"/><use xlink:href="#g3" y="255"/><use xlink:href="#g4" y="272"/><rect x="40" y="289" width="8" height="17" class="foreground"/><use xlink:href="#g5" y="289"/></g></g></svg>
</svg>
Side by side

After

Width:  |  Height:  |  Size: 3.4 KiB

13
docs/screencasts/docker/Dockerfile
View file

@ -14,9 +14,18 @@ ENV PATH="${PATH}:/usr/local/go/bin:/root/go/bin"
RUN go install github.com/sigstore/cosign/cmd/cosign@latest RUN go install github.com/sigstore/cosign/cmd/cosign@latest
RUN go install github.com/sigstore/rekor/cmd/rekor-cli@latest RUN go install github.com/sigstore/rekor/cmd/rekor-cli@latest
ENV SHELL=/bin/bash # Enable RGB colors in PS1
ENV TERM=xterm-256color ENV TERM=xterm-256color
ENV COLUMNS=200 # Set width of terminal, default is ~80 and leads to broken lines for long lines,
# e.g., curl & cosign commands.
ENV COLUMNS=512
# For PS1 to work shell needs to specified
ENV SHELL=/bin/bash
# ANSI color codes are used to control PS1 prompt. We use "\033[38;2;<r>;<g>;<b>m"
# to control the foreground color with RBG colors [1]. Non-printable characters
# need to be escaped with additional \[ and \], see [2].
# [1]: https://stackoverflow.com/a/33206814/2306355
# [2]: https://stackoverflow.com/a/19501528/2306355
RUN echo 'export PS1="\[\033[38;2;144;255;153m\]~/constellation\[\033[0m\]\r\n\[\033[38;2;139;4;221m\]$\[\033[0m\] "' >> /root/.bashrc RUN echo 'export PS1="\[\033[38;2;144;255;153m\]~/constellation\[\033[0m\]\r\n\[\033[38;2;139;4;221m\]$\[\033[0m\] "' >> /root/.bashrc
# Copy install scripts # Copy install scripts

10
docs/screencasts/docker/check-sbom.sh
View file

@ -7,7 +7,7 @@ set CTRLC \003
set record_name [lindex $argv 0]; set record_name [lindex $argv 0];
proc expect_prompt {} { proc expect_prompt {} {
# make sure this matches your prompt # This matches the trailing 0m of our ANSI control sequence. See PS1 in Dockerfile.
expect "0m " expect "0m "
} }
@ -17,12 +17,6 @@ proc run_command {cmd} {
expect -timeout 1 expect -timeout 1
} }
proc send_keystroke_to_interactive_process {key {addl_sleep 2}} {
send "$key"
expect -timeout 1
sleep $addl_sleep
}
# Start recording # Start recording
spawn asciinema rec --overwrite /recordings/check-sbom.cast spawn asciinema rec --overwrite /recordings/check-sbom.cast
send "\r" send "\r"
@ -47,7 +41,7 @@ run_command "curl -sLO https://github.com/edgelesssys/constellation/releases/lat
expect_prompt expect_prompt
run_command "grype constellation.spdx.sbom -o table -q" run_command "grype constellation.spdx.sbom -o table -q"
expect_prompt expect_prompt
run_command "echo We are safe! :)" run_command "echo We are safe!"
# Stop recording # Stop recording
send "exit" send "exit"

28
docs/screencasts/docker/verify-cli.sh
View file

@ -2,18 +2,19 @@
# Note: Expects to be able to run 'sudo install' without a password # Note: Expects to be able to run 'sudo install' without a password
set timeout -1 set timeout -1
set send_human {0.005 0.015 1 0.05 0.3} set send_human {0.05 0 1 0.05 0.3}
set CTRLC \003 set CTRLC \003
set record_name [lindex $argv 0]; set record_name [lindex $argv 0];
proc expect_prompt {} { proc expect_prompt {} {
# make sure this matches your prompt # This matches the trailing 0m of our ANSI control sequence. See PS1 in Dockerfile.
expect "0m " expect "0m "
} }
proc run_command {cmd} { proc run_command {cmd} {
send -h "$cmd\r" send -h "$cmd"
expect -timeout 3 send "\r"
expect -timeout 1
} }
# Start recording # Start recording
@ -22,25 +23,26 @@ send "\r"
expect_prompt expect_prompt
### Step 0: Requirements ### Step 0: Requirements
# run_command "echo Step 0: Installing requirements" run_command "echo Step 0: Installing requirements"
# expect_prompt expect_prompt
# run_command "go install github.com/sigstore/cosign/cmd/cosign@latest" run_command "go install github.com/sigstore/cosign/cmd/cosign@latest"
# expect_prompt expect_prompt
# run_command "go install github.com/sigstore/rekor/cmd/rekor-cli@latest" run_command "go install github.com/sigstore/rekor/cmd/rekor-cli@latest"
# expect_prompt expect_prompt
### Step 1: Download CLI ### Step 1: Download CLI
run_command "echo Step 1: Download CLI and signature" run_command "echo Step 1: Download CLI and signature"
expect_prompt expect_prompt
run_command "curl -LO https://github.com/edgelesssys/constellation/releases/latest/download/constellation-linux-amd64" run_command "curl -sLO https://github.com/edgelesssys/constellation/releases/download/v2.2.2/constellation-linux-amd64"
expect_prompt expect_prompt
run_command "curl -LO https://github.com/edgelesssys/constellation/releases/latest/download/constellation-linux-amd64.sig" run_command "curl -sLO https://github.com/edgelesssys/constellation/releases/download/v2.2.2/constellation-linux-amd64.sig"
expect_prompt expect_prompt
### Step 2: Verify the CLI using cosign ### Step 2: Verify the CLI using cosign
run_command "echo Step 2: Verify the CLI using cosign and the public Rekor transparency log" run_command "echo Step 2: Verify the CLI using cosign and the public Rekor transparency log"
expect_prompt expect_prompt
run_command "COSIGN_EXPERIMENTAL=1 cosign verify-blob --key https://edgeless.systems/es.pub --signature constellation-linux-amd64.sig constellation-linux-amd64" # run_command "COSIGN_EXPERIMENTAL=1 cosign verify-blob --key https://edgeless.systems/es.pub --signature constellation-linux-amd64.sig constellation-linux-amd64"
run_command "COSIGN_EXPERIMENTAL=1 cosign verify-blob --key https://github.com/edgelesssys/constellation/releases/download/v2.2.2/cosign.pub --signature constellation-linux-amd64.sig constellation-linux-amd64"
expect_prompt expect_prompt
### Step 2b: Verify the CLI manually ### Step 2b: Verify the CLI manually

11
docs/screencasts/generate-screencasts.sh
View file

@ -3,14 +3,9 @@
docker build -t screenrecodings docker docker build -t screenrecodings docker
# Generate cast to verify CLI # Generate cast to verify CLI
docker run -it -v "$(pwd)"/recordings:/recordings screenrecodings docker run -it -v "$(pwd)"/recordings:/recordings screenrecodings verify-cli.sh
cp recordings/verify-cli.cast ../static/assets/verify-cli.cast cp recordings/verify-cli.cast ../static/assets/verify-cli.cast
# Generate cast to check SBOM # Generate cast to check SBOM
# docker run -it -v "$(pwd)"/recordings:/recordings screenrecodings check-sbom.sh /recordings/check-sbom.cast docker run -it -v "$(pwd)"/recordings:/recordings screenrecodings check-sbom.sh
# cp recordings/check-sbom.cast ../static/assets/check-sbom.cast cp recordings/check-sbom.cast ../static/assets/check-sbom.cast
# docker rm -f recorder || true
# docker build -t screenrecodings docker
# docker run --name recorder -d -v "$(pwd)"/recordings:/recordings screenrecodings
# docker exec recorder /bin/bash < . check-sbom.sh /recordings/check-sbom.cast

1125
docs/screencasts/verify-cli.svg Normal file
View file

File diff suppressed because one or more lines are too long
Side by side

After

Width:  |  Height:  |  Size: 817 KiB

38
docs/screencasts/window-frame.svg Normal file
View file

@ -0,0 +1,38 @@
<svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" id="terminal" baseProfile="full" viewBox="0 0 703 404" width="703" version="1.1">
<defs>
<termtosvg:template_settings xmlns:termtosvg="https://github.com/nbedos/termtosvg">
<termtosvg:screen_geometry columns="82" rows="19"/>
<termtosvg:animation type="css"/>
</termtosvg:template_settings>
<style type="text/css" id="generated-style"></style>
<style type="text/css" id="user-style">
/* The colors defined below are the default 16 colors used for rendering text of the terminal. Adjust
them as needed.
gjm8 color theme (source: https://terminal.sexy/) */
/* customized colors 10, 11, and 14 */
.foreground {fill: #f8f8f2}
.background {fill: #272822}
.color0 {fill: #272822}
.color1 {fill: #f92672}
.color2 {fill: #a6e22e}
.color3 {fill: #f4bf75}
.color4 {fill: #66d9ef}
.color5 {fill: #ae81ff}
.color6 {fill: #a1efe4}
.color7 {fill: #f8f8f2}
.color8 {fill: #75715e}
.color9 {fill: #fd971f}
.color10 {fill: #8b04dd}
.color11 {fill: #dcaf3b}
.color12 {fill: #a59f85}
.color13 {fill: #f5f4f1}
.color14 {fill: #90ff99}
.color15 {fill: #f9f8f5}
</style>
</defs>
<rect id="terminalui" class="background" width="100%" height="100%" ry="4.5826941"/>
<circle cx="24" cy="23" r="7" class="color1"/>
<circle cx="44" cy="23" r="7" class="color3"/>
<circle cx="64" cy="23" r="7" class="color2"/>
<svg id="screen" width="656" height="323" x="23" y="50" viewBox="0 0 656 323" preserveAspectRatio="xMidYMin slice"></svg>
</svg>
Side by side

After

Width:  |  Height:  |  Size: 1.8 KiB

14
docs/src/css/custom.css
View file

@ -70,3 +70,17 @@ html[data-theme='dark'] .header-github-link:before {
.footer--dark { .footer--dark {
background-color: black; background-color: black;
} }
/*
* https://github.com/asciinema/asciinema-player/wiki/Custom-terminal-themes
*/
.asciinema-theme-edgeless .asciinema-terminal {
color: #ffffff; /* default text color */
background-color: #000000; /* terminal background color */
}
.asciinema-theme-edgeless .fg-bg { /* inverse for default text color */
color: #000000;
}
.asciinema-theme-edgeless .bg-fg { /* inverse for terminal background color */
background-color: #ffffff; /* controls color of the cursor */
}

495
docs/static/assets/check-sbom.cast vendored
View file

@ -1,46 +1,449 @@
{"version": 2, "width": 0, "height": 0, "timestamp": 1675859957, "env": {"SHELL": null, "TERM": "xterm"}} {"version": 2, "width": 0, "height": 0, "timestamp": 1676289431, "env": {"SHELL": "/bin/bash", "TERM": "xterm-256color"}}
[0.003825, "o", "$ "] [0.010065, "o", "\u001b[38;2;144;255;153m~/constellation\u001b[0m\r\r\n\u001b[38;2;139;4;221m$\u001b[0m "]
[0.00491, "o", "e"] [0.011766, "o", "e"]
[0.137328, "o", "c"] [0.14535, "o", "c"]
[0.187967, "o", "h"] [0.197918, "o", "h"]
[0.240046, "o", "o"] [0.250453, "o", "o"]
[0.290357, "o", " "] [0.305929, "o", " "]
[0.340857, "o", "S"] [0.358916, "o", "S"]
[0.390951, "o", "t"] [0.417165, "o", "t"]
[0.511681, "o", "e"] [0.562178, "o", "e"]
[0.56956, "o", "p"] [0.619655, "o", "p"]
[0.61976, "o", " "] [0.674731, "o", " "]
[0.672456, "o", "0"] [0.725565, "o", "0"]
[0.723166, "o", ":"] [0.778399, "o", ":"]
[0.773122, "o", " "] [0.828688, "o", " "]
[0.860846, "o", "I"] [0.918494, "o", "I"]
[0.919429, "o", "n"] [0.977915, "o", "n"]
[0.970394, "o", "s"] [1.033904, "o", "s"]
[1.159058, "o", "t"] [1.209349, "o", "t"]
[1.237391, "o", "a"] [1.283352, "o", "a"]
[1.35056, "o", "l"] [1.378754, "o", "l"]
[1.403067, "o", "l"] [1.435191, "o", "l"]
[1.561877, "o", "i"] [1.565195, "o", "i"]
[1.619898, "o", "n"] [1.616437, "o", "n"]
[1.683962, "o", "g"] [1.704011, "o", "g"]
[1.734714, "o", " "] [1.757502, "o", " "]
[1.788163, "o", "r"] [1.81547, "o", "r"]
[1.846651, "o", "e"] [1.876849, "o", "e"]
[1.910593, "o", "q"] [1.929904, "o", "q"]
[1.979596, "o", "u"] [1.986258, "o", "u"]
[2.03013, "o", "i"] [2.044923, "o", "i"]
[2.080866, "o", "r"] [2.095257, "o", "r"]
[2.184044, "o", "e"] [2.202731, "o", "e"]
[2.239835, "o", "m"] [2.256149, "o", "m"]
[2.289997, "o", "e"] [2.306507, "o", "e"]
[2.34052, "o", "n"] [2.357922, "o", "n"]
[2.394017, "o", "t"] [2.421063, "o", "t"]
[2.447544, "o", "s\r\n"] [2.482765, "o", "s\r\nStep 0: Installing requirements\r\n"]
[2.44777, "o", "Step 0: Installing requirements\r\n$ "] [2.483198, "o", "\u001b[38;2;144;255;153m~/constellation\u001b[0m\r\r\n\u001b[38;2;139;4;221m$\u001b[0m "]
[3.481334, "o", "c"] [3.496328, "o", "c"]
[3.630236, "o", "u"] [3.643737, "o", "u"]
[3.687787, "o", "r"] [3.715523, "o", "r"]
[3.753317, "o", "l"] [3.786563, "o", "l"]
[3.805315, "o", " "] [3.843781, "o", " "]
[3.873631, "o", "-"] [3.912909, "o", "-"]
[3.925427, "o", "s"] [3.989469, "o", "s"]
[4.074841, "o", "L"]
[4.130715, "o", "O"]
[4.188683, "o", " "]
[4.24825, "o", "h"]
[4.305274, "o", "t"]
[4.416963, "o", "t"]
[4.470515, "o", "p"]
[4.52327, "o", "s"]
[4.578221, "o", ":"]
[4.683201, "o", "/"]
[4.741166, "o", "/"]
[4.804372, "o", "g"]
[4.924326, "o", "i"]
[5.016468, "o", "t"]
[5.198474, "o", "h"]
[5.26163, "o", "u"]
[5.381812, "o", "b"]
[5.43709, "o", "."]
[5.562643, "o", "c"]
[5.616182, "o", "o"]
[5.886818, "o", "m"]
[5.938105, "o", "/"]
[6.011136, "o", "a"]
[6.091172, "o", "n"]
[6.142385, "o", "c"]
[6.193507, "o", "h"]
[6.250383, "o", "o"]
[6.333686, "o", "r"]
[6.385412, "o", "e"]
[6.436346, "o", "/"]
[6.487965, "o", "g"]
[6.539328, "o", "r"]
[6.591988, "o", "y"]
[6.647236, "o", "p"]
[6.705102, "o", "e"]
[6.762539, "o", "/"]
[6.819832, "o", "r"]
[6.987963, "o", "e"]
[7.038719, "o", "l"]
[7.233329, "o", "e"]
[7.343044, "o", "a"]
[7.393851, "o", "s"]
[7.444695, "o", "e"]
[7.49752, "o", "s"]
[7.550141, "o", "/"]
[7.601687, "o", "d"]
[7.665518, "o", "o"]
[7.728279, "o", "w"]
[7.857819, "o", "n"]
[7.912409, "o", "l"]
[7.964188, "o", "o"]
[8.022729, "o", "a"]
[8.082686, "o", "d"]
[8.143153, "o", "/"]
[8.208225, "o", "v"]
[8.263525, "o", "0"]
[8.314678, "o", "."]
[8.368788, "o", "5"]
[8.445452, "o", "6"]
[8.50976, "o", "."]
[8.563722, "o", "0"]
[8.613906, "o", "/"]
[8.673754, "o", "g"]
[8.732258, "o", "r"]
[8.784188, "o", "y"]
[8.835937, "o", "p"]
[8.91292, "o", "e"]
[8.973988, "o", "_"]
[9.06545, "o", "0"]
[9.127332, "o", "."]
[9.296227, "o", "5"]
[9.350528, "o", "6"]
[9.401948, "o", "."]
[9.452803, "o", "0"]
[9.504202, "o", "_"]
[9.556005, "o", "l"]
[9.637433, "o", "i"]
[9.68895, "o", "n"]
[9.753667, "o", "u"]
[9.80334, "o", "x"]
[9.865054, "o", "_"]
[9.934016, "o", "a"]
[9.998385, "o", "m"]
[10.060818, "o", "d"]
[10.11224, "o", "6"]
[10.167585, "o", "4"]
[10.218713, "o", "."]
[10.273948, "o", "t"]
[10.360255, "o", "a"]
[10.410766, "o", "r"]
[10.461038, "o", "."]
[10.529925, "o", "g"]
[10.614904, "o", "z\r\n"]
[11.310634, "o", "\u001b[38;2;144;255;153m~/constellation\u001b[0m\r\r\n\u001b[38;2;139;4;221m$\u001b[0m "]
[12.317625, "o", "t"]
[12.434291, "o", "a"]
[12.485551, "o", "r"]
[12.538012, "o", " "]
[12.589521, "o", "-"]
[12.679206, "o", "x"]
[12.7718, "o", "v"]
[12.830445, "o", "z"]
[12.882329, "o", "f"]
[12.934635, "o", " "]
[13.042081, "o", "g"]
[13.193074, "o", "r"]
[13.26198, "o", "y"]
[13.316497, "o", "p"]
[13.368358, "o", "e"]
[13.438983, "o", "_"]
[13.490783, "o", "0"]
[13.553354, "o", "."]
[13.606504, "o", "5"]
[13.696887, "o", "6"]
[13.751163, "o", "."]
[13.816201, "o", "0"]
[13.869271, "o", "_"]
[14.080258, "o", "l"]
[14.257091, "o", "i"]
[14.310279, "o", "n"]
[14.362362, "o", "u"]
[14.446912, "o", "x"]
[14.498559, "o", "_"]
[14.556149, "o", "a"]
[14.608739, "o", "m"]
[14.676601, "o", "d"]
[14.732, "o", "6"]
[14.784302, "o", "4"]
[14.84069, "o", "."]
[14.902933, "o", "t"]
[14.969989, "o", "a"]
[15.035788, "o", "r"]
[15.09833, "o", "."]
[15.152182, "o", "g"]
[15.216227, "o", "z"]
[15.216384, "o", "\r\n"]
[15.222131, "o", "CHANGELOG.md\r\nLICENSE\r\n"]
[15.222212, "o", "README.md\r\ngrype\r\n"]
[15.916451, "o", "\u001b[38;2;144;255;153m~/constellation\u001b[0m\r\r\n\u001b[38;2;139;4;221m$\u001b[0m "]
[15.919907, "o", "s"]
[15.97971, "o", "u"]
[16.032478, "o", "d"]
[16.110561, "o", "o"]
[16.162217, "o", " "]
[16.227765, "o", "i"]
[16.284448, "o", "n"]
[16.34247, "o", "s"]
[16.397459, "o", "t"]
[16.570682, "o", "a"]
[16.646094, "o", "l"]
[16.708644, "o", "l"]
[16.76407, "o", " "]
[16.835145, "o", "g"]
[16.893564, "o", "r"]
[16.945837, "o", "y"]
[16.997901, "o", "p"]
[17.054047, "o", "e"]
[17.107563, "o", " "]
[17.173476, "o", "/"]
[17.289729, "o", "u"]
[17.450516, "o", "s"]
[17.763604, "o", "r"]
[17.816562, "o", "/"]
[17.866487, "o", "l"]
[17.917501, "o", "o"]
[17.969298, "o", "c"]
[18.019824, "o", "a"]
[18.073675, "o", "l"]
[18.130012, "o", "/"]
[18.182401, "o", "b"]
[18.232831, "o", "i"]
[18.286529, "o", "n"]
[18.341498, "o", "/"]
[18.426309, "o", "g"]
[18.550714, "o", "r"]
[18.662727, "o", "y"]
[18.809457, "o", "p"]
[18.873611, "o", "e\r\n"]
[18.974581, "o", "\u001b[38;2;144;255;153m~/constellation\u001b[0m\r\r\n\u001b[38;2;139;4;221m$\u001b[0m "]
[19.97807, "o", "g"]
[20.041131, "o", "r"]
[20.093422, "o", "y"]
[20.15259, "o", "p"]
[20.20349, "o", "e"]
[20.255176, "o", " "]
[20.305965, "o", "-"]
[20.357809, "o", "-"]
[20.408005, "o", "h"]
[20.461128, "o", "e"]
[20.513917, "o", "l"]
[20.569546, "o", "p\r\n"]
[20.644052, "o", "A vulnerability scanner for container images, filesystems, and SBOMs.\r\n\r\nSupports the following image sources:\r\n grype yourrepo/yourimage:tag defaults to using images from a Docker daemon\r\n grype path/to/yourproject a Docker tar, OCI tar, OCI directory, SIF container, or generic filesystem directory\r\n grype attestation.json --key cosign.pub extract and scan SBOM from attestation file\r\n\r\nYou can also explicitly specify the scheme to use:\r\n grype podman:yourrepo/yourimage:tag explicitly use the Podman daemon\r\n grype docker:yourrepo/yourimage:tag explicitly use the Docker daemon\r\n grype docker-archive:path/to/yourimage.tar use a tarball from disk for archives created from \"docker save\"\r\n grype oci-archive:path/to/yourimage.tar use a tarball from disk for OCI archives (from Podman or otherwise)\r\n grype oci-dir:path/to/yourimage read directly from a path on disk for OCI layout directories (from Skopeo or otherwise)\r\n grype"]
[20.644278, "o", " singularity:path/to/yourimage.sif read directly from a Singularity Image Format (SIF) container on disk\r\n grype dir:path/to/yourproject read directly from a path on disk (any directory)\r\n grype sbom:path/to/syft.json read Syft JSON from path on disk\r\n grype registry:yourrepo/yourimage:tag pull image directly from a registry (no container runtime required)\r\n grype att:attestation.json --key cosign.pub explicitly use the input as an attestation\r\n grype purl:path/to/purl/file read a newline separated file of purls from a path on disk\r\n\r\nYou can also pipe in Syft JSON directly:\r\n\tsyft yourimage:tag -o json | grype\r\n\r\n"]
[20.645317, "o", "Usage:\r\n grype [IMAGE] [flags]\r\n grype [command]\r\n\r\nAvailable Commands:\r\n completion Generate a shell completion for Grype (listing local docker images)\r\n db vulnerability database operations\r\n help Help about any command\r\n version show the version\r\n\r\nFlags:\r\n --add-cpes-if-none generate CPEs for packages with no CPE data\r\n --by-cve orient results by CVE instead of the original vulnerability ID when possible\r\n -c, --config string application config file\r\n --distro string distro to match against in the format: <distro>:<version>\r\n --exclude stringArray exclude paths from being scanned using a glob expression\r\n -f, --fail-on string set the return code to 1 if a vulnerability is found with a severity >= the given severity, options=[negligible low medium high critical]\r\n --file string file to write the report output to (default is STDOUT)\r\n -h, --help help for grype\r\n --key string "]
[20.645595, "o", " File path to a public key to validate attestation\r\n --only-fixed ignore matches for vulnerabilities that are not fixed\r\n --only-notfixed ignore matches for vulnerabilities that are fixed\r\n -o, --output string report output formatter, formats=[json table cyclonedx cyclonedx-json sarif template], deprecated formats=[embedded-cyclonedx-vex-json embedded-cyclonedx-vex-xml]\r\n --platform string an optional platform specifier for container image sources (e.g. 'linux/arm64', 'linux/arm64/v8', 'arm64', 'linux')\r\n -q, --quiet suppress all logging output\r\n -s, --scope string selection of layers to analyze, options=[Squashed AllLayers] (default \"Squashed\")\r\n --show-suppressed show suppressed/ignored vulnerabilities in the output (only supported with table output format)\r\n -t, --template string specify the path to a Go template file (requires 'template' output to be selected)\r\n -v, --verbose count increase verbo"]
[20.645643, "o", "sity (-v = info, -vv = debug)\r\n\r\nUse \"grype [command] --help\" for more information about a command.\r\n"]
[20.649133, "o", "\u001b[38;2;144;255;153m~/constellation\u001b[0m\r"]
[20.649197, "o", "\r\n\u001b[38;2;139;4;221m$\u001b[0m "]
[20.649897, "o", "e"]
[20.711446, "o", "c"]
[20.767029, "o", "h"]
[20.837121, "o", "o"]
[20.891807, "o", " "]
[20.941998, "o", "S"]
[20.998403, "o", "t"]
[21.050505, "o", "e"]
[21.121301, "o", "p"]
[21.174427, "o", " "]
[21.225985, "o", "1"]
[21.278924, "o", ":"]
[21.437774, "o", " "]
[21.516577, "o", "D"]
[21.590702, "o", "o"]
[21.641164, "o", "w"]
[21.705857, "o", "n"]
[21.768407, "o", "l"]
[21.819613, "o", "o"]
[21.873109, "o", "a"]
[22.043102, "o", "d"]
[22.094821, "o", " "]
[22.171355, "o", "C"]
[22.228194, "o", "o"]
[22.278567, "o", "n"]
[22.397389, "o", "s"]
[22.448236, "o", "t"]
[22.505404, "o", "e"]
[22.556895, "o", "l"]
[22.618288, "o", "l"]
[22.692224, "o", "a"]
[22.768206, "o", "t"]
[22.840184, "o", "i"]
[22.893702, "o", "o"]
[23.043113, "o", "n"]
[23.097794, "o", " "]
[23.238123, "o", "S"]
[23.318645, "o", "B"]
[23.369883, "o", "O"]
[23.421657, "o", "M\r\nStep 1: Download Constellation SBOM\r\n\u001b[38;2;144;255;153m~/constellation\u001b[0m\r\r\n\u001b[38;2;139;4;221m$\u001b[0m "]
[24.441946, "o", "c"]
[24.520175, "o", "u"]
[24.580305, "o", "r"]
[24.7771, "o", "l"]
[24.827694, "o", " "]
[24.895082, "o", "-"]
[24.945897, "o", "s"]
[25.160128, "o", "L"]
[25.210847, "o", "O"]
[25.264675, "o", " "]
[25.319557, "o", "h"]
[25.396799, "o", "t"]
[25.465927, "o", "t"]
[25.51549, "o", "p"]
[25.567234, "o", "s"]
[25.621664, "o", ":"]
[25.679171, "o", "/"]
[25.738361, "o", "/"]
[25.788307, "o", "g"]
[25.853674, "o", "i"]
[25.906192, "o", "t"]
[25.956876, "o", "h"]
[26.008173, "o", "u"]
[26.063668, "o", "b"]
[26.123702, "o", "."]
[26.179282, "o", "c"]
[26.230675, "o", "o"]
[26.285234, "o", "m"]
[26.338829, "o", "/"]
[26.39075, "o", "e"]
[26.475756, "o", "d"]
[26.564688, "o", "g"]
[26.615171, "o", "e"]
[26.807671, "o", "l"]
[26.893373, "o", "e"]
[26.971128, "o", "s"]
[27.036577, "o", "s"]
[27.087331, "o", "s"]
[27.169942, "o", "y"]
[27.238661, "o", "s"]
[27.290048, "o", "/"]
[27.390092, "o", "c"]
[27.441335, "o", "o"]
[27.497175, "o", "n"]
[27.548647, "o", "s"]
[27.599103, "o", "t"]
[27.650071, "o", "e"]
[27.700779, "o", "l"]
[27.760178, "o", "l"]
[27.810386, "o", "a"]
[27.861208, "o", "t"]
[27.911065, "o", "i"]
[27.962491, "o", "o"]
[28.013539, "o", "n"]
[28.063958, "o", "/"]
[28.17828, "o", "r"]
[28.230992, "o", "e"]
[28.300926, "o", "l"]
[28.353896, "o", "e"]
[28.450678, "o", "a"]
[28.502015, "o", "s"]
[28.630133, "o", "e"]
[28.687962, "o", "s"]
[28.743771, "o", "/"]
[28.799534, "o", "l"]
[28.850332, "o", "a"]
[28.99114, "o", "t"]
[29.102329, "o", "e"]
[29.153394, "o", "s"]
[29.205522, "o", "t"]
[29.257758, "o", "/"]
[29.312714, "o", "d"]
[29.363482, "o", "o"]
[29.535716, "o", "w"]
[29.614022, "o", "n"]
[29.664336, "o", "l"]
[29.719882, "o", "o"]
[29.836728, "o", "a"]
[29.954617, "o", "d"]
[30.018599, "o", "/"]
[30.068793, "o", "c"]
[30.11929, "o", "o"]
[30.207083, "o", "n"]
[30.275456, "o", "s"]
[30.325954, "o", "t"]
[30.378456, "o", "e"]
[30.42987, "o", "l"]
[30.482071, "o", "l"]
[30.538351, "o", "a"]
[30.614369, "o", "t"]
[30.665917, "o", "i"]
[30.721319, "o", "o"]
[30.771933, "o", "n"]
[30.839371, "o", "."]
[30.888794, "o", "s"]
[30.978885, "o", "p"]
[31.029735, "o", "d"]
[31.081039, "o", "x"]
[31.130706, "o", "."]
[31.229426, "o", "s"]
[31.29387, "o", "b"]
[31.343744, "o", "o"]
[31.39692, "o", "m"]
[31.397152, "o", "\r\n"]
[32.150128, "o", "\u001b[38;2;144;255;153m~/constellation\u001b[0m\r\r\n\u001b[38;2;139;4;221m$\u001b[0m "]
[32.151152, "o", "g"]
[32.201041, "o", "r"]
[32.295536, "o", "y"]
[32.346513, "o", "p"]
[32.40986, "o", "e"]
[32.460082, "o", " "]
[32.510172, "o", "c"]
[32.561166, "o", "o"]
[32.611283, "o", "n"]
[32.661952, "o", "s"]
[32.718904, "o", "t"]
[32.826055, "o", "e"]
[32.882426, "o", "l"]
[33.022938, "o", "l"]
[33.074127, "o", "a"]
[33.135506, "o", "t"]
[33.28511, "o", "i"]
[33.365036, "o", "o"]
[33.416797, "o", "n"]
[33.467755, "o", "."]
[33.518921, "o", "s"]
[33.569381, "o", "p"]
[33.622819, "o", "d"]
[33.702656, "o", "x"]
[33.762621, "o", "."]
[33.829302, "o", "s"]
[33.881453, "o", "b"]
[33.93368, "o", "o"]
[33.98468, "o", "m"]
[34.042302, "o", " "]
[34.093523, "o", "-"]
[34.17382, "o", "o"]
[34.229732, "o", " "]
[34.287505, "o", "t"]
[34.342526, "o", "a"]
[34.476552, "o", "b"]
[34.533955, "o", "l"]
[34.588863, "o", "e"]
[34.638404, "o", " "]
[34.865398, "o", "-"]
[34.91854, "o", "q\r\n"]
[54.627088, "o", "NAME INSTALLED FIXED-IN TYPE VULNERABILITY SEVERITY \r\nhelm.sh/helm/v3 v3.10.3 3.11.1 go-module GHSA-pwcw-6f5g-gxf8 Medium \r\n"]
[54.634594, "o", "\u001b[38;2;144;255;153m~/constellation\u001b[0m\r\r\n\u001b[38;2;139;4;221m$\u001b[0m "]
[54.635557, "o", "e"]
[54.686011, "o", "c"]
[54.778308, "o", "h"]
[54.828671, "o", "o"]
[54.882074, "o", " "]
[54.934939, "o", "W"]
[54.986462, "o", "e"]
[55.037141, "o", " "]
[55.172234, "o", "a"]
[55.270877, "o", "r"]
[55.33057, "o", "e"]
[55.382353, "o", " "]
[55.451565, "o", "s"]
[55.514092, "o", "a"]
[55.567765, "o", "f"]
[55.629823, "o", "e"]
[55.679575, "o", "!\r\nWe are safe!\r\n\u001b[38;2;144;255;153m~/constellation\u001b[0m\r\r\n\u001b[38;2;139;4;221m$\u001b[0m "]

2107
docs/static/assets/verify-cli.cast vendored
View file

File diff suppressed because it is too large Load diff