The following RapidFort CLI tools enable users to interact with the RapidFort Platform:
rflogin: Log into RapidFort
rfstub: Generate a stub image
rfharden: Generate a hardened image
rfscan: Scan one or more images or container registries for packages and vulnerabilities
rfls: List RapidFort stub and hardened images that are available on the client system
rfjobs: List all RapidFort jobs for the current user (including jobs that are not available on the client system)
rfinfo: Show detailed information and optionally download reports for a RapidFort job
Requirements:
Hardware & OS:
- 64-bit Intel-based hardware
- Linux/Linux variant or Mac OS X OS
- 2 GB of memory at a minimum
- Minimum 10 GB of free drive space - Generally, 4x image size free space is required, at a minimum, when generating stub images, and 2x image size free space is required for scanning images.
Applications:
- bash
- curl
- Python 3.7+ and pip3 (RapidFort recommends Python 3.8.10 or higher)
- sed
- tar
- Container Engine - either Docker or Podman
- Docker: The RapidFort CLI tools must have permission to access the Docker daemon socket. Verify that the user for whom the RapidFort CLI tools will be installed has permission to access the Docker daemon socket. For example, the user should be able to run the following commands from the client system:
- docker images
- docker pull <image>
- Docker: The RapidFort CLI tools must have permission to access the Docker daemon socket. Verify that the user for whom the RapidFort CLI tools will be installed has permission to access the Docker daemon socket. For example, the user should be able to run the following commands from the client system:
Note: For more information on managing Docker as a non-root user, refer to Manage Docker as a non-root user. If you cannot give a non-root user permission to access the Docker daemon socket, install RapidFort CLI tools as a root user.
-
- Podman: RapidFort recommends Podman version 4.2.0 or higher. Verify that the client system has permission to podman pull, podman run, and podman push (if applicable) container images.
The client system must have HTTPS access to frontrow.rapidfort.com. To verify, run:
nc -vz us01.rapidfort.com 443
The container host (Docker, Docker-Compose, Kubernetes, Amazon EKS, or AWS Fargate) must have HTTPS access to rfpubsub.rapidfort.com, which can be verified by running:
nc -vz rfpubsub.rapidfort.com 443
Installation:
RapidFort SaaS - to install the CLI tools, run:
curl https://us01.rapidfort.com/cli/ | bash
RapidFort On-Premises - to install the CLI tools, run:
curl https://<rapidfort_hostname>/cli/ | bash
Note: requires the IP address or hostname of your RapidFort On-Premises deployment