CLI
Spectral is a CLI (Command Line Interface) driven toolchain.
Quick start
After signing up, grab your SPECTRAL_DSN and export it so you could run commands freely: export SPECTRAL_DSN=<SPECTRAL_DSN>
For testing and playing around interactively:
$ spectral run
And in your CI:
$ spectral scan
๐ฆธโโ๏ธ
Command line driven?
Our thesis is that people can get value the fastest, by wielding Spectral as a tool. We try hard to make that true for Windows users as well with PowerShell.
Hello Spectral ๐
Commands
| Command | Description |
|---|---|
run | Run a scan interactively, for exploring or auditing |
scan | Run a scan from your CI/pipeline |
init | Initialize configuration in your repo. This is how you customize ignores, detectors, and more. |
fingerprint | Encode a one-way fingerprint from a secret, for ignoring content. |
container | Run spectral scan on a container |
github | Audit a github organization, user, or repo |
gitlab | Audit a gitlab organization, group, user, or repo |
Env variables
| Command | Description |
|---|---|
SPECTRAL_DSN=<DSN> | Your private Spectral DSN, which connects to your account |
SPECTRAL_SHOW_MATCH=1 | Show secrets in scan output (off by default) |
Common flags
| Command | Description |
|---|---|
-t, --token | Supply a token for Github, Gitlab, or others for auditing |
-h, --host | Supply a git host (where relevant, e.g.: Gitlab) |
-d, --dest | Where to put git repos in case of auditing |
-k, --kind | What to audit? e.g.: group, user, org |
--with-branches | Activate superpower mode: see through all your branches |
scan | Run a scan from your CI/pipeline |
init | Initialize configuration in your repo. This is how you customize ignores, detectors, and more. |
fingerprint | Encode a one-way fingerprint from a secret, for ignoring content. |
container | Run spectral scan on a container |
github | Audit a github organization, user, or repo |
gitlab | Audit a gitlab organization, group, user, or repo |
Help! ๐ฎ
When in doubt, you can always use the --help option for the main binary, or using a sub command, for example spectral run --help:
spectral --help
Spectral Agent 1.2.10
Spectral Inc.
USAGE:
spectral [SUBCOMMAND]
FLAGS:
-h, --help Prints help information
-V, --version Prints version information
SUBCOMMANDS:
container Run a Spectral scan on a container using Docker
fingerprint Fingerprint sensitive information for ignores
github Run a Spectral scan on a github organization, user, or team. Alias: 'git'.
gitlab Run a Spectral scan on a Gitlab organization, user, or team
help Prints this message or the help of the given subcommand(s)
init Initialize Spectral
run Run a Spectral scan interactively
scan Run a Spectral scan in your CI/pipeline
stream Run a Spectral scan on stream
version