Skip to content

docs: update CLI and helm reference for v2.15.0 #118

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
mbevc1 merged 1 commit into from
Apr 2, 2026
Merged

docs: update CLI and helm reference for v2.15.0 #118

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
86 changes: 86 additions & 0 deletions client_reference/kosli_evaluate_input.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,86 @@
---
title: "kosli evaluate input"
beta: false
deprecated: false
description: "Evaluate a local JSON input against a Rego policy."
---

## Synopsis

```shell
kosli evaluate input [flags]
```

Evaluate a local JSON input against a Rego policy.
Read JSON from a file or stdin and evaluate it against a Rego policy.
The input file should contain the raw JSON object your policy expects —
not the wrapper produced by `--show-input`. Use `jq '.input'` to extract
the policy input from a `--show-input --output json` capture.

The policy must use `package policy` and define an `allow` rule.
An optional `violations` rule (a set of strings) can provide human-readable denial reasons.
The command exits with code 0 when allowed and code 1 when denied.

When `--input-file` is omitted, JSON is read from stdin.

## Flags
| Flag | Description |
| :--- | :--- |
| -h, --help | help for input |
| -i, --input-file string | [optional] Path to a JSON input file. Reads from stdin if omitted. |
| -o, --output string | [defaulted] The format of the output. Valid formats are: [table, json]. (default "table") |
| -p, --policy string | Path to a Rego policy file to evaluate against the input. |
| --show-input | [optional] Include the policy input data in the output. |


## Flags inherited from parent commands
| Flag | Description |
| :--- | :--- |
| -a, --api-token string | The Kosli API token. |
| -c, --config-file string | [optional] The Kosli config file path. (default "kosli") |
| --debug | [optional] Print debug logs to stdout. A boolean flag [docs](/faq/#boolean-flags) (default false) |
| -H, --host string | [defaulted] The Kosli endpoint. (default "https://app.kosli.com") |
| --http-proxy string | [optional] The HTTP proxy URL including protocol and port number. e.g. 'http://proxy-server-ip:proxy-port' |
| -r, --max-api-retries int | [defaulted] How many times should API calls be retried when the API host is not reachable. (default 3) |
| --org string | The Kosli organization. |


## Examples Use Cases

These examples all assume that the flags `--api-token`, `--org`, `--host`, (and `--flow`, `--trail` when required), are [set/provided](/getting_started/install/#assigning-flags-via-environment-variables).

<AccordionGroup>
<Accordion title="capture trail data for local policy iteration">
```shell
kosli evaluate trail TRAIL --flow FLOW
--policy allow-all.rego
--show-input --output json | jq '.input' > trail-data.json

```
</Accordion>
<Accordion title="then iterate on your policy locally">
```shell
kosli evaluate input
--input-file trail-data.json
--policy policy.rego

```
</Accordion>
<Accordion title="evaluate and show the data passed to the policy">
```shell
kosli evaluate input
--input-file trail-data.json
--policy policy.rego
--show-input
--output json

```
</Accordion>
<Accordion title="read input from stdin">
```shell
cat trail-data.json | kosli evaluate input
--policy policy.rego
```
</Accordion>
</AccordionGroup>

2 changes: 1 addition & 1 deletion client_reference/kosli_evaluate_trail.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -12,7 +12,7 @@ kosli evaluate trail TRAIL-NAME [flags]
```

Evaluate a trail against a policy.
Fetch a single trail from Kosli and evaluate it against a Rego policy using OPA.
Fetch a single trail from Kosli and evaluate it against a Rego policy.
The trail data is passed to the policy as `input.trail`.

Use `--attestations` to enrich the input with detailed attestation data
Expand Down
2 changes: 1 addition & 1 deletion client_reference/kosli_evaluate_trails.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -12,7 +12,7 @@ kosli evaluate trails TRAIL-NAME [TRAIL-NAME...] [flags]
```

Evaluate multiple trails against a policy.
Fetch multiple trails from Kosli and evaluate them together against a Rego policy using OPA.
Fetch multiple trails from Kosli and evaluate them together against a Rego policy.
The trail data is passed to the policy as `input.trails` (an array), unlike
`evaluate trail` which passes `input.trail` (a single object).

Expand Down
2 changes: 1 addition & 1 deletion client_reference/overview.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,7 @@ description: "Reference documentation for the Kosli CLI."
---

<Info>
This reference was generated from Kosli CLI **v2.14.0**.
This reference was generated from Kosli CLI **v2.15.0**.
</Info>

The Kosli CLI allows you to interact with Kosli from your terminal and CI/CD pipelines.
Expand Down