{"id":18913536,"url":"https://github.com/complianceascode/auditree-plant","last_synced_at":"2025-04-15T08:30:51.341Z","repository":{"id":56388983,"uuid":"280148003","full_name":"ComplianceAsCode/auditree-plant","owner":"ComplianceAsCode","description":"The Auditree tool for adding external evidence.","archived":false,"fork":false,"pushed_at":"2024-09-14T09:36:27.000Z","size":51,"stargazers_count":10,"open_issues_count":4,"forks_count":3,"subscribers_count":2,"default_branch":"main","last_synced_at":"2025-03-28T18:50:40.949Z","etag":null,"topics":["compliance","compliance-as-code","compliance-automation","continuous-compliance","devops","devsecops","python"],"latest_commit_sha":null,"homepage":"https://auditree.github.io/","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/ComplianceAsCode.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGES.md","contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":"CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":".github/CODEOWNERS","security":null,"support":null}},"created_at":"2020-07-16T12:27:14.000Z","updated_at":"2024-10-30T17:59:52.000Z","dependencies_parsed_at":"2023-02-16T05:46:08.268Z","dependency_job_id":null,"html_url":"https://github.com/ComplianceAsCode/auditree-plant","commit_stats":null,"previous_names":[],"tags_count":1,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ComplianceAsCode%2Fauditree-plant","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ComplianceAsCode%2Fauditree-plant/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ComplianceAsCode%2Fauditree-plant/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ComplianceAsCode%2Fauditree-plant/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/ComplianceAsCode","download_url":"https://codeload.github.com/ComplianceAsCode/auditree-plant/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":248465317,"owners_count":21108243,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["compliance","compliance-as-code","compliance-automation","continuous-compliance","devops","devsecops","python"],"created_at":"2024-11-08T10:08:12.617Z","updated_at":"2025-04-15T08:30:51.026Z","avatar_url":"https://github.com/ComplianceAsCode.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"[![OS Compatibility][platform-badge]](#prerequisites)\n[![Python Compatibility][python-badge]][python-dl]\n[![pre-commit][pre-commit-badge]][pre-commit]\n[![Code validation](https://github.com/ComplianceAsCode/auditree-plant/workflows/format%20%7C%20lint%20%7C%20test/badge.svg)][lint-test]\n[![Upload Python Package](https://github.com/ComplianceAsCode/auditree-plant/workflows/PyPI%20upload/badge.svg)][pypi-upload]\n\n# auditree-plant\n\nThe Auditree tool for adding external evidence.\n\n## Introduction\n\nAuditree `plant` is a command line tool that assists in adding evidence to an\nevidence locker.  It provides a thoughtful way to add evidence to an\nevidence locker by managing the evidence metadata so that checks and dependent fetchers\nexecuted as part of the [Auditree compliance framework][auditree-framework] can apply\nappropriate time to live validations.\n\n## Prerequisites\n\n- Supported for execution on OSX and LINUX.\n- Supported for execution with Python 3.6 and above.\n\nPython 3 must be installed, it can be downloaded from the [Python][python-dl]\nsite or installed using your package manager.\n\nPython version can be checked with:\n\n```sh\npython --version\n```\n\nor\n\n```sh\npython3 --version\n```\n\nThe `plant` tool is available for download from [PyPI](https://pypi.org/project/auditree-plant/).\n\n## Installation\n\nIt is best practice, but not mandatory, to run `plant` from a dedicated Python\nvirtual environment.  Assuming that you have the Python [virtualenv][virtual-env]\npackage already installed, you can create a virtual environment named `venv` by\nexecuting `virtualenv venv` which will create a `venv` folder at the location of\nwhere you executed the command.  Alternatively you can use the python `venv` module\nto do the same.\n\n```sh\npython3 -m venv venv\n```\n\nAssuming that you have a virtual environment and that virtual environment is in\nthe current directory then to install a new instance of `plant`, activate\nyour virtual environment and use `pip` to install `plant` like so:\n\n```sh\n. ./venv/bin/activate\npip install auditree-plant\n```\n\nAs we add new features to `plant` you will want to upgrade your `plant`\npackage.  To upgrade `plant` to the most recent version do:\n\n```sh\n. ./venv/bin/activate\npip install auditree-plant --upgrade\n```\n\nSee [pip documentation][pip-docs] for additional options when using `pip`.\n\n## Configuration\n\nSince Auditree `plant` interacts with Git repositories, it requires Git remote\nhosting service credentials in order to do its thing.  Auditree `plant` will by\ndefault look for a `username` and `token` in a `~/.credentials` file.  You can\noverride the credentials file location by using the `--creds` option on a `plant`\nCLI execution. Valid section headings include `github`, `github_enterprise`, `bitbucket`,\nand `gitlab`.  Below is an example of the expected credentials entry.\n\n```ini\n[github]\nusername=your-gh-username\ntoken=your-gh-token\n```\n\n## Execution\n\nAuditree `plant` is a simple CLI that performs the function of adding evidence\nto an evidence locker.  As such, it has two execution modes; a `push-remote` mode\nand a `dry-run` mode.  Both modes will clone a git repository and place it into the\n`$TMPDIR/plant` folder.  Both modes will also provide handy progress output as\n`plant` processes the new evidence.  However, `push-remote` will push the changes\nto the remote repository before removing the locally cloned copy whereas `dry-run`\nwill not.  When provided an absolute path to a local git repository using the\n`--repo-path` option, `plant` will perform its plant-like duties as described\non the specified local git repository.  This can come in handy when looking to\nchain your `plant` execution after a successful run of the compliance automation\nfetchers and checks.\n\nAs most CLIs, Auditree `plant` comes with a help facility.\n\n```sh\nplant -h\n```\n\n```sh\nplant push-remote -h\n```\n\n```sh\nplant dry-run -h\n```\n\n### push-remote mode\n\nUse the `push-remote` mode when you want your changes to be applied to the remote\nevidence locker.  You can provide as many _evidence path_/_evidence detail_\nkey/value pairs as you need as part of the `--config` or as contents of your\n`--config-file`.\n\n```sh\nplant push-remote https://github.com/org-foo/repo-bar --config '{\"/absolute/path/to/my/evidence.ext\":{\"category\":\"foo\"}}'\n```\n\n```sh\nplant push-remote https://github.com/org-foo/repo-bar --config-file ./path/to/my/config_file.json\n```\n\n```sh\nplant push-remote https://github.com/org-foo/repo-bar --repo-path $TMPDIR\"compliance\" --config-file ./path/to/my/config_file.json\n```\n\n### dry-run mode\n\nUse the `dry-run` mode when you don't want your changes to be applied to the remote\nevidence locker and are just interested in seeing what effect the execution will have\non your evidence locker before you commit to pushing your changes to the remote repository.\nYou can provide as many _evidence path_/_evidence detail_ key/value pairs as you\nneed as part of the `--config` or as contents of your `--config-file`.\n\n```sh\nplant dry-run https://github.com/org-foo/repo-bar --config '{\"/absolute/path/to/my/evidence.ext\":{\"category\":\"foo\"}}'\n```\n\n```sh\nplant dry-run https://github.com/org-foo/repo-bar --config-file ./path/to/my/config_file.json\n```\n\n```sh\nplant dry-run https://github.com/org-foo/repo-bar --repo-path $TMPDIR\"compliance\" --config-file ./path/to/my/config_file.json\n```\n\n\n[platform-badge]: https://img.shields.io/badge/platform-osx%20|%20linux-orange.svg\n[python-badge]: https://img.shields.io/badge/python-v3.6+-blue.svg\n[pre-commit-badge]: https://img.shields.io/badge/pre--commit-enabled-brightgreen?logo=pre-commit\u0026logoColor=white\n[python-dl]: https://www.python.org/downloads/\n[pre-commit]: https://github.com/pre-commit/pre-commit\n[pip-docs]: https://pip.pypa.io/en/stable/reference/pip/\n[virtual-env]: https://pypi.org/project/virtualenv/\n[auditree-framework]: https://github.com/ComplianceAsCode/auditree-framework\n[lint-test]: https://github.com/ComplianceAsCode/auditree-plant/actions?query=workflow%3A%22format+%7C+lint+%7C+test%22\n[pypi-upload]: https://github.com/ComplianceAsCode/auditree-plant/actions?query=workflow%3A%22PyPI+upload%22\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcomplianceascode%2Fauditree-plant","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fcomplianceascode%2Fauditree-plant","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcomplianceascode%2Fauditree-plant/lists"}