secureCodeBox · J12934 · Jul 28, 2024 · Jul 20, 2024 · Jul 20, 2024 · Jul 20, 2024
diff --git a/Makefile b/Makefile
@@ -116,3 +116,7 @@ lintall: ## Lint complete repo
 help: ## Display this help screen.
 	@grep -h -E '^[a-zA-Z_-]+:.*?## .*$$' $(MAKEFILE_LIST) | \
 		awk 'BEGIN {FS = ":.*?## "}; {printf "\033[36m%-30s\033[0m %s\n", $$1, $$2}'
+
+.PHONY: scbctl
+scbctl: ## Build scbctl cli tool
+	cd scbctl && go build -o scbctl main.go
diff --git a/documentation/docs/how-tos/scbctl.md b/documentation/docs/how-tos/scbctl.md
@@ -0,0 +1,79 @@
+---
+# SPDX-FileCopyrightText: the secureCodeBox authors
+#
+# SPDX-License-Identifier: Apache-2.0
+
+title: "How to use scbctl"
+description: "Intro to the new secureCodeBox CLI tool"
+sidebar_position: 4
+---
+
+# Using scbctl - CLI for secureCodeBox
+
+`scbctl` is a command-line interface tool designed to simplify interactions with secureCodeBox CustomResources like Scans and ScheduledScans. It provides an easier alternative to using `kubectl` and `helm` for certain operations.
+
+## Installation
+
+To install `scbctl`:
+
+1. Clone the secureCodeBox repository:
+   ```bash
+   git clone https://github.com/secureCodeBox/secureCodeBox.git
+   ```
+
+2. Build the tool:
+   ```bash
+   make scbctl
+   ```
+
+3. Move the binary to a directory in your PATH:
+   ```bash
+   cd scbctl
+   sudo mv scbctl /usr/local/bin/scbctl
+   ```
+
+## Key Commands
+
+### Creating a Scan
+
+Use the `scan` command to create a new Scan custom resource:
+
+```bash
+scbctl scan [scanType] -- [parameters...]
+```
+
+Examples:
+- Basic scan: `scbctl scan nmap -- scanme.nmap.org`
+- Named scan: `scbctl scan nmap --name my-nmap-scan -- scanme.nmap.org`
+- Multiple parameters: `scbctl scan nuclei -- -target example.com`
+- Scan in a specific namespace: `scbctl scan --namespace testing nmap -- -p 80 scanme.nmap.org`
+
+### Triggering a ScheduledScan
+
+To manually trigger a ScheduledScan:
+
+```bash
+scbctl trigger [scheduledScanName] [flags]
+```
+
+Examples:
+- Trigger a scan: `scbctl trigger nmap-localhost`
+- Trigger in a different namespace: `scbctl trigger nmap-localhost --namespace production`
+
+## Additional Features
+
+1. **Namespace Selection**: Most commands support a `--namespace` flag to specify the Kubernetes namespace.
+
+2. **Custom Naming**: You can provide custom names for scans using the `--name` flag with the `scan` command.
+
+3. **Shell Completion**: `scbctl` offers shell completion to make command usage easier. Use `scbctl completion --help` for setup instructions.
+
+## Tips for Effective Use
+
+1. **Explore Help**: Use `scbctl --help` or `scbctl [command] --help` for detailed information about commands and flags.
+
+2. **Namespace Awareness**: Always be mindful of which namespace you're operating in, especially in multi-tenant environments.
+
+3. **Combining with kubectl**: While `scbctl` simplifies many operations, you may still need to use `kubectl` for more advanced Kubernetes operations.
+
+4. **Automation**: Consider incorporating `scbctl` commands into scripts or CI/CD pipelines for automated security scanning.
diff --git a/documentation/docs/scbctl/_category_.json b/documentation/docs/scbctl/_category_.json
@@ -0,0 +1,9 @@
+{
+  "label": "Command Line (scbctl)",
+  "position": 10,
+  "link": {
+    "type": "generated-index",
+    "title": "Overview",
+    "slug": "scbctl"
+  }
+}
diff --git a/documentation/docs/scbctl/_category_.json.license b/documentation/docs/scbctl/_category_.json.license
@@ -0,0 +1,3 @@
+# SPDX-FileCopyrightText: the secureCodeBox authors
+#
+# SPDX-License-Identifier: Apache-2.0
diff --git a/documentation/docs/scbctl/auto-completion.md b/documentation/docs/scbctl/auto-completion.md
@@ -0,0 +1,122 @@
+---
+# SPDX-FileCopyrightText: the secureCodeBox authors
+#
+# SPDX-License-Identifier: Apache-2.0
+
+title: "Setup Shell completion"
+description: "How to shell completion and leverage scbctl shell completion"
+sidebar_position: 4
+---
+
+# Setting Up Shell Completion for scbctl
+
+Shell completion is a feature that allows scbctl to automatically complete command names, flags, and arguments as you type them in your terminal. This can significantly improve your productivity and ease of use when working with scbctl.
+
+## Supported Shells
+
+scbctl supports shell completion for the following shells:
+
+- Bash
+- Zsh
+- Fish
+- PowerShell
+
+## General Setup
+
+To view the shell completion setup instructions, use the following command:
+
+```bash
+scbctl completion --help
+```
+
+This will display usage information and examples for different shells.
+
+## Bash Completion Setup
+
+1. Ensure that bash-completion is installed. If not, you can install it using your package manager:
+
+   ```bash
+   # For Ubuntu/Debian
+   sudo apt-get install bash-completion
+
+   # For macOS (using Homebrew)
+   brew install bash-completion
+   ```
+
+2. Add the following line to your `~/.bashrc` file:
+
+   ```bash
+   source <(scbctl completion bash)
+   ```
+
+3. Reload your shell or run:
+
+   ```bash
+   source ~/.bashrc
+   ```
+
+## Zsh Completion Setup
+
+1. Add the following line to your `~/.zshrc` file:
+
+   ```zsh
+   source <(scbctl completion zsh)
+   ```
+
+2. If you get an error like `complete:13: command not found: compdef`, add the following to the beginning of your `~/.zshrc` file:
+
+   ```zsh
+   autoload -Uz compinit
+   compinit
+   ```
+
+3. Reload your shell or run:
+
+   ```zsh
+   source ~/.zshrc
+   ```
+
+## Fish Completion Setup
+
+1. Run the following command:
+
+   ```fish
+   scbctl completion fish | source
+   ```
+
+2. To make it permanent, append the above command to your `~/.config/fish/config.fish` file:
+
+   ```fish
+   echo "scbctl completion fish | source" >> ~/.config/fish/config.fish
+   ```
+
+## PowerShell Completion Setup
+
+1. Create a new file named `scbctl_completion.ps1` in your PowerShell profile directory:
+
+   ```powershell
+   scbctl completion powershell > $HOME\Documents\WindowsPowerShell\scbctl_completion.ps1
+   ```
+
+2. Add the following line to your PowerShell profile:
+
+   ```powershell
+   . $HOME\Documents\WindowsPowerShell\scbctl_completion.ps1
+   ```
+
+## Verifying Completion Setup
+
+After setting up completion, you can verify it's working by:
+
+1. Starting a new shell session or reloading your current one.
+2. Typing `scbctl` followed by a space and then pressing the Tab key.
+3. You should see available commands or options auto-completed or listed.
+
+## Troubleshooting
+
+If completion doesn't work after following these steps:
+
+1. Ensure you've reloaded your shell or started a new session.
+2. Check that scbctl is in your system's PATH.
+3. Verify that you've correctly added the completion command to your shell's configuration file.
+4. For Bash and Zsh, make sure you have the required completion utilities installed.
diff --git a/documentation/docs/scbctl/installation.md b/documentation/docs/scbctl/installation.md
@@ -0,0 +1,21 @@
+---
+# SPDX-FileCopyrightText: the secureCodeBox authors
+#
+# SPDX-License-Identifier: Apache-2.0
+
+title: "Installation of scbctl"
+description: "How to install the secureCodeBox cli (scbctl)"
+sidebar_position: 2
+---
+
+To install `scbctl`:
+
+At the moment we do not provide precompiled binaries for the `scbctl`.
+If you have go installed installing it is as simple as running:
+
+```bash
+go install github.com/secureCodeBox/secureCodeBox/scbctl@latest
+```
+
+Make sure that your golang home `bin` directory is part of your shell path.
+If you don't know where your go home directory is run `go env GOPATH`.
diff --git a/documentation/docs/scbctl/overview.md b/documentation/docs/scbctl/overview.md
@@ -0,0 +1,53 @@
+---
+# SPDX-FileCopyrightText: the secureCodeBox authors
+#
+# SPDX-License-Identifier: Apache-2.0
+
+title: "Overview of scbctl"
+description: "Intro to the secureCodeBox CLI tool"
+sidebar_position: 1
+---
+
+scbctl is a command-line interface (CLI) tool designed to simplify interactions with secureCodeBox Operator.
+
+## Purpose
+
+The main purpose of scbctl is to provide an easier way to manage secureCodeBox CustomResources in Kubernetes, reducing the complexity of using kubectl and helm for common secureCodeBox operations.
+
+## Key Features
+
+1. **Scan Creation**
+
+   - Easily create new Scan custom resources
+   - Support for various scan types and parameters
+
+2. **ScheduledScan Management**
+
+   - Trigger ScheduledScans manually ahead of their schedule
+
+3. **Shell Completion**
+   - Offers completion support for easier command usage
+
+## Main Commands
+
+1. `scan`: Create a new Scan custom resource. See [Usage: scbctl scan](./usage.md#scbctl-scan-creating-scans)
+2. `trigger`: Trigger a ScheduledScan execution. See [Usage: scbctl trigger](./usage.md#scbctl-trigger-triggering-scheduledscans)
+
+## Use Cases
+
+1. **Quick Scan Creation**: Rapidly initiate security scans without writing YAML files
+2. **CI/CD Integration**: Easily incorporate security scanning into automated pipelines
+3. **Manual Triggering**: Allows operators to run ScheduledScans on-demand
+
+## Benefits
+
+1. **Simplicity**: Reduces the learning curve for managing secureCodeBox resources
+2. **Efficiency**: Streamlines common tasks, saving time for operators
+3. **Flexibility**: Supports various scan types and configurations
+4. **Integration**: Can be easily incorporated into scripts and automation workflows
+
+## Future Directions
+
+1. Support scans monitoring / observations
+2. Support direct installation on MacOS/Windows/Linux
+3. Support other commands for creation of ScheduledScans
diff --git a/documentation/docs/scbctl/usage.md b/documentation/docs/scbctl/usage.md
@@ -0,0 +1,56 @@
+---
+# SPDX-FileCopyrightText: the secureCodeBox authors
+#
+# SPDX-License-Identifier: Apache-2.0
+
+title: "How to use scbctl"
+description: "Intro to the new secureCodeBox CLI tool"
+sidebar_position: 3
+---
+
+## Key Commands
+
+### `scbctl scan`: Creating Scans
+
+Use the `scan` command to create a new Scan custom resource.
+For it to work you need to have the scan type installed in the namespace you run the command for.
+
+```bash
+scbctl scan [scanType] -- [parameters...]
+```
+
+By default the scan command creates a scan with the same name as the scan type.
+E.g. when creating a nmap scan, it will be called `nmap`. YOu can provide a custom name using the `--name` flag.
+
+Examples:
+
+- Create a basic nmap scan against `scanme.nmap.org`: `scbctl scan nmap -- scanme.nmap.org`
+- Create a named scan: `scbctl scan nmap --name my-nmap-scan -- scanme.nmap.org`
+- Multiple parameters: `scbctl scan nuclei -- -target example.com`
+- Scan in a specific namespace: `scbctl scan --namespace testing nmap -- -p 80 scanme.nmap.org`
+
+### `scbctl trigger`: Triggering ScheduledScans
+
+To manually trigger a ScheduledScan.
+This will create a new scan for the ScheduledScan.
+
+```bash
+scbctl trigger [scheduledScanName] [flags]
+```
+
+If the ScheduledScan is configured with an interval, e.g. every `4h`, the next interval is reset, so that the next scheduled execution will be in 4h from when the `scbctl trigger` command is executed.
+If the ScheduledScan is configured using a cron expression the ScheduledScan will still be scheduled as usual when the cron expression next matches.
+
+Examples:
+
+- Trigger a scan: `scbctl trigger nmap-localhost`
+- Trigger in a different namespace: `scbctl trigger nmap-localhost --namespace production`
+
+## Tips for Effective Use
+
+1. **Explore Help**: Use `scbctl --help` or `scbctl [command] --help` for detailed information about commands and flags.
+2. **Namespace Awareness**: Always be mindful of which namespace you're operating in, especially in multi-tenant environments.
+3. **Combining with kubectl**: While `scbctl` simplifies many operations, you may still need to use `kubectl` for more advanced Kubernetes operations.
+4. **Automation**: Consider incorporating `scbctl` commands into scripts or CI/CD pipelines for automated security scanning.
+
+By leveraging `scbctl`, you can streamline your interaction with secureCodeBox, making it easier to manage scans and scheduled scans in your Kubernetes environment.
diff --git a/scbctl/README.md b/scbctl/README.md
@@ -0,0 +1,25 @@
+<!--
+SPDX-FileCopyrightText: the secureCodeBox authors
+
+SPDX-License-Identifier: Apache-2.0
+-->
+
+# scbctl - CLI for secureCodeBox
+
+The main purpose of scbctl is to provide an easier way to manage secureCodeBox CustomResources in Kubernetes, reducing the complexity of using kubectl and helm for common secureCodeBox operations.
+
+## Installation
+
+At the moment we do not provide precompiled binaries for the `scbctl`.
+If you have go installed installing it is as simple as running:
+
+```bash
+go install github.com/secureCodeBox/secureCodeBox/scbctl@latest
+```
+
+Make sure that your golang home `bin` directory is part of your shell path.
+If you don't know where your go home directory is run `go env GOPATH`.
+
+## Commands
+
+To find out more about the commands & functionalities supported by `scbctl`, run `scbctl --help` or refer to the [scbctl documentation](https://www.securecodebox.io/docs/scbctl/overview).