AnchoreCTL
Introduction
In this section you will learn how to install and configure AnchoreCTL, the Anchore Enterprise CLI. It currently shares some functionality with anchore-cli is designed specifically for use with Anchore Enterprise. AnchoreCTL is published as a simple binary that can be installed by downloading it or using provided packages for installation in different platforms. Using AnchoreCTL, users can manage and inspect images, manage their false-positive management settings, manage their runtime inventory settings, interact with the runtime compliance API, and even generate/upload image SBOMs.
Getting Started
You can install AnchoreCTL using either archives or provided packages downloaded from the release site.
macOS .dmg
curl -o anchorectl.dmg https://anchorectl-releases.s3-us-west-2.amazonaws.com/v0.2.0/anchorectl_0.2.0_darwin_amd64.dmg
macOS Tar
curl -o anchorectl.tar.gz https://anchorectl-releases.s3-us-west-2.amazonaws.com/v0.2.0/anchorectl_0.2.0_darwin_amd64.tar.gz
Debian
curl -o anchorectl.deb https://anchorectl-releases.s3-us-west-2.amazonaws.com/v0.2.0/anchorectl_0.2.0_linux_amd64.deb
RPM
curl -o anchorectl.rpm https://anchorectl-releases.s3-us-west-2.amazonaws.com/v0.2.0/anchorectl_0.2.0_linux_amd64.rpm
Linux Tar
curl -o anchorectl.tar.gz https://anchorectl-releases.s3-us-west-2.amazonaws.com/v0.2.0/anchorectl_0.2.0_linux_amd64.tar.gz
Windows
curl -o anchorectl.zip https://anchorectl-releases.s3-us-west-2.amazonaws.com/v0.2.0/anchorectl_0.2.0_windows_amd64.zip
Configuration
AnchoreCTL can be configured via a config file at the following locations, with the following precedence:
- Environment Vars (i.e. ANCHORECTL_ANCHORE_USER, ANCHORECTL_ANCHORE_PASSWORD, ANCHORECTL_ANCHORE_URL)
- Config Path override (note: if this file is not found, config SHOULD fail)
- .anchorectl.yaml or anchorectl.yaml
- .anchorectl/config.yaml
- ~/.anchorectl.yaml
- ~/anchorectl/config.yaml
To get a release-matched version of this configuration file, you can retrieve it as follows:
curl -o anchorectl.yaml https://anchorectl-releases.s3-us-west-2.amazonaws.com/v0.2.0/anchorectl.yaml
Note that it has detailed comments above each configuration value so you know what each does.
Required
At the very least, AnchoreCTL needs the following information
- Anchore Connection details (including authentication information)
enterpriseEnabled: true
. This is the default value, but it must be specified in order for the enterprise-related features to work.