Installing the Command Line Interface (CLI) tools

The following RapidFort CLI tools enable users to interact with the RapidFort Platform:

rflogin: Log into RapidFort

rfstub: Generate a stub image

rfharden: Generate a hardened image

rfscan: Scan one or more images or container registries for packages and vulnerabilities

rfls: List RapidFort stub and hardened images that are available on the client system

rfjobs: List all RapidFort jobs for the current user (including jobs that are not available on the client system)

rfinfo: Show detailed information and optionally download reports for a RapidFort job

Requirements:

Hardware & OS:

  • 64-bit Intel-based hardware
  • Linux/Linux variant or Mac OS X OS
  • 2 GB of memory at a minimum
  • Minimum 10 GB of free drive space - Generally, 4x image size free space is required, at a minimum, when generating stub images, and 2x image size free space is required for scanning images.

Applications:

  • bash
  • curl
  • Python 3.7+ and pip3 (RapidFort recommends Python 3.8.10 or higher)
  • sed
  • tar
  • Container Engine - either Docker or Podman
    • Docker: The RapidFort CLI tools must have permission to access the Docker daemon socket. Verify that the user for whom the RapidFort CLI tools will be installed has permission to access the Docker daemon socket. For example, the user should be able to run the following commands from the client system:
      • docker images
      • docker pull <image>

Note: For more information on managing Docker as a non-root user, refer to Manage Docker as a non-root user. If you cannot give a non-root user permission to access the Docker daemon socket, install RapidFort CLI tools as a root user.

    • Podman: RapidFort recommends Podman version 4.2.0 or higher. Verify that the client system has permission to podman pull, podman run, and podman push (if applicable) container images.

 

The client system must have HTTPS access to frontrow.rapidfort.com. To verify, run:

 nc -vz us01.rapidfort.com 443

The container host (Docker, Docker-Compose, Kubernetes, Amazon EKS, or AWS Fargate) must have HTTPS access to rfpubsub.rapidfort.com, which can be verified by running:

 nc -vz rfpubsub.rapidfort.com 443

Installation:

RapidFort SaaS - to install the CLI tools, run:

curl https://us01.rapidfort.com/cli/ | bash

RapidFort On-Premises - to install the CLI tools, run:

curl https://<rapidfort_hostname>/cli/ | bash

Note: requires the IP address or hostname of your RapidFort On-Premises deployment