CLI documentation for checkmate tool

[carlin-q-scott]

I have no idea what commands are available for the checkmate tool, other than what I found in the sh scripts. Where are the commands and arguments documented? checkmate help returns:

Unknown command: help

[marcinguy]

Hi @carlin-q-scott

Those are the main ones. What do you need/want to achieve? Maybe I can put it on the roadmap. My DM is also open.

Thanks,

[carlin-q-scott]

Thank you for the quick response @marcinguy. I was hoping to be able to run the cli with my CI environment without having to commit the sqlite db file to git-lfs. I thought I could just change the backend to postgres, but the CLI doesn't support that; it's hardcoded to sqlite. I thought there had to be a way to push scan results to the better-scan server, but I don't see a way to do that either. I did find a commands/sync.py, but it doesn't seem to have an implementation yet.

How do you suggest integrating with Azure DevOps? It supports SARIF via a plugin, but I think we can only generate SARIF files using the CLI, which means I can't persist my incremental scan results or ignore detected issues.

[marcinguy]

@carlin-q-scott Understood. It is possible.

Those are supported:

PostgreSQL
MySQL and MariaDB
Oracle
Microsoft SQL Server

You will than store state there (not in git-lfs) and see results in SARIF, as you want in Azure DevOps Server.

Please DM me if you need help to have it there.

[marcinguy]

Closing due to inactivity