Kubernetes continuous compliance. Captures container state — SBOMs, cryptographic inventories, vulnerability scans, and malware detection — before pods disappear.
This repository distributes the reel CLI binary (Linux, macOS, Intel + Apple Silicon) and tracks its changelog. Related artifacts live in dedicated repos:
| Artifact | Repository |
|---|---|
| CLI binary + changelog (this repo) | getreeldev/reel-cli |
| GitHub Action | getreeldev/reel-action |
| Helm chart | getreeldev/helm |
| Homebrew formula | getreeldev/homebrew-tap |
| Docker images | getreel/agent, getreel/init-criu, getreel/init-trivy on Docker Hub |
curl -sL https://github.com/getreeldev/reel-cli/releases/latest/download/reel_linux_amd64.tar.gz \
| tar xz && sudo mv reel /usr/local/bin/Other targets: reel_linux_arm64.tar.gz, reel_darwin_amd64.tar.gz, reel_darwin_arm64.tar.gz.
brew install getreeldev/tap/reelVerify:
reel version
reel status# Generate an SBOM
reel export sbom --image nginx:latest -o sbom.json
# Vulnerability scan (SARIF output, ready for GitHub Code Scanning)
reel export sarif --image nginx:latest -o results.sarif
# Annotate scan output with vendor VEX statements (new in v1.5.0)
reel export sbom --image redhat/ubi9-minimal --scanners vuln,vex
# Cryptographic bill of materials
reel export cbom --image nginx:latest -o cbom.json
# Malware detection
reel export malware --image nginx:latest -o malware.json- Full docs: getreel.dev/docs
- GitHub Action usage: getreel.dev/docs/github-action
- VEX integration: vex.getreel.dev
Proprietary. See LICENSE for terms.