{"id":45803781,"url":"https://github.com/ministryofjustice/cloud-platform-cli","last_synced_at":"2026-02-26T13:05:19.371Z","repository":{"id":38241596,"uuid":"233586958","full_name":"ministryofjustice/cloud-platform-cli","owner":"ministryofjustice","description":"Multi-purpose CLI for the Ministry of Justice Cloud Platform","archived":false,"fork":false,"pushed_at":"2025-12-12T11:17:39.000Z","size":2045,"stargazers_count":7,"open_issues_count":13,"forks_count":10,"subscribers_count":3,"default_branch":"main","last_synced_at":"2026-01-15T06:12:54.025Z","etag":null,"topics":["cli","cloud-platform","cloud-platform-engineering","go"],"latest_commit_sha":null,"homepage":"","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/ministryofjustice.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2020-01-13T12:07:41.000Z","updated_at":"2025-12-12T11:05:42.000Z","dependencies_parsed_at":"2023-07-13T12:31:08.247Z","dependency_job_id":"d296a73a-75f1-4ebf-b3e3-71605ccec52c","html_url":"https://github.com/ministryofjustice/cloud-platform-cli","commit_stats":null,"previous_names":["ministryofjustice/cloud-platform-tools","ministryofjustice/cloud-platform-moj-cp"],"tags_count":254,"template":false,"template_full_name":null,"purl":"pkg:github/ministryofjustice/cloud-platform-cli","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ministryofjustice%2Fcloud-platform-cli","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ministryofjustice%2Fcloud-platform-cli/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ministryofjustice%2Fcloud-platform-cli/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ministryofjustice%2Fcloud-platform-cli/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/ministryofjustice","download_url":"https://codeload.github.com/ministryofjustice/cloud-platform-cli/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ministryofjustice%2Fcloud-platform-cli/sbom","scorecard":{"id":648487,"data":{"date":"2025-08-11","repo":{"name":"github.com/ministryofjustice/cloud-platform-cli","commit":"cb1aa27370e4c866b6d8a99a574c6af51765e4cf"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":6.3,"checks":[{"name":"Maintained","score":10,"reason":"17 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Code-Review","score":10,"reason":"all changesets reviewed","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Dangerous-Workflow","score":10,"reason":"no dangerous workflow patterns detected","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"Token-Permissions","score":0,"reason":"detected GitHub workflow tokens with excessive permissions","details":["Info: jobLevel 'actions' permission set to 'read': .github/workflows/code-analysis.yml:14","Info: jobLevel 'contents' permission set to 'read': .github/workflows/code-analysis.yml:15","Warn: topLevel 'contents' permission set to 'write': .github/workflows/build-adhoc-release.yml:7","Warn: no topLevel permission defined: .github/workflows/build-docs.yml:1","Warn: topLevel 'contents' permission set to 'write': .github/workflows/build-release.yml:9","Warn: no topLevel permission defined: .github/workflows/code-analysis.yml:1","Warn: no topLevel permission defined: .github/workflows/dependencies-project.yml:1","Warn: no topLevel permission defined: .github/workflows/docker-tests.yaml:1","Warn: no topLevel permission defined: .github/workflows/go-tests.yaml:1","Warn: no topLevel permission defined: .github/workflows/go-vet-lint-deps.yaml:1","Info: no jobLevel write permissions found"],"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"Pinned-Dependencies","score":7,"reason":"dependency not pinned by hash detected -- score normalized to 7","details":["Warn: third-party GitHubAction not pinned by hash: .github/workflows/dependencies-project.yml:10: update your workflow using https://app.stepsecurity.io/secureworkflow/ministryofjustice/cloud-platform-cli/dependencies-project.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/docker-tests.yaml:21: update your workflow using https://app.stepsecurity.io/secureworkflow/ministryofjustice/cloud-platform-cli/docker-tests.yaml/main?enable=pin","Warn: containerImage not pinned by hash: Dockerfile:2","Warn: containerImage not pinned by hash: Dockerfile:42: pin your Docker image by updating debian:bookworm-20250520-slim to debian:bookworm-20250520-slim@sha256:90522eeb7e5923ee2b871c639059537b30521272f10ca86fdbbbb2b75a8c40cd","Warn: goCommand not pinned by hash: .github/workflows/go-vet-lint-deps.yaml:30","Info:  16 out of  16 GitHub-owned GitHubAction dependencies pinned","Info:  15 out of  17 third-party GitHubAction dependencies pinned","Info:   0 out of   2 containerImage dependencies pinned","Info:   0 out of   1 goCommand dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE:0","Info: FSF or OSI recognized license: MIT License: LICENSE:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Packaging","score":10,"reason":"packaging workflow detected","details":["Info: Project packages its releases by way of GitHub Actions.: .github/workflows/build-adhoc-release.yml:10"],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"Branch-Protection","score":-1,"reason":"internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration","details":null,"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"Security-Policy","score":10,"reason":"security policy file detected","details":["Info: security policy file detected: github.com/ministryofjustice/.github/SECURITY.md:1","Info: Found linked content: github.com/ministryofjustice/.github/SECURITY.md:1","Info: Found disclosure, vulnerability, and/or timelines in security policy: github.com/ministryofjustice/.github/SECURITY.md:1","Info: Found text in security policy: github.com/ministryofjustice/.github/SECURITY.md:1"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"Signed-Releases","score":0,"reason":"Project has not signed or included provenance with any releases.","details":["Warn: release artifact 1.47.1 not signed: https://api.github.com/repos/ministryofjustice/cloud-platform-cli/releases/240036626","Warn: release artifact 1.47.0 not signed: https://api.github.com/repos/ministryofjustice/cloud-platform-cli/releases/232890331","Warn: release artifact 1.46.2 not signed: https://api.github.com/repos/ministryofjustice/cloud-platform-cli/releases/232828299","Warn: release artifact 1.46.1 not signed: https://api.github.com/repos/ministryofjustice/cloud-platform-cli/releases/224929852","Warn: release artifact 1.46.0 not signed: https://api.github.com/repos/ministryofjustice/cloud-platform-cli/releases/220268551","Warn: release artifact 1.47.1 does not have provenance: https://api.github.com/repos/ministryofjustice/cloud-platform-cli/releases/240036626","Warn: release artifact 1.47.0 does not have provenance: https://api.github.com/repos/ministryofjustice/cloud-platform-cli/releases/232890331","Warn: release artifact 1.46.2 does not have provenance: https://api.github.com/repos/ministryofjustice/cloud-platform-cli/releases/232828299","Warn: release artifact 1.46.1 does not have provenance: https://api.github.com/repos/ministryofjustice/cloud-platform-cli/releases/224929852","Warn: release artifact 1.46.0 does not have provenance: https://api.github.com/repos/ministryofjustice/cloud-platform-cli/releases/220268551"],"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"SAST","score":10,"reason":"SAST tool is run on all commits","details":["Info: SAST configuration detected: CodeQL","Info: all commits (30) are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}},{"name":"Vulnerabilities","score":0,"reason":"12 existing vulnerabilities detected","details":["Warn: Project is vulnerable to: GO-2022-0635","Warn: Project is vulnerable to: GO-2022-0646","Warn: Project is vulnerable to: GO-2025-3754 / GHSA-2x5j-vhc8-9cwm","Warn: Project is vulnerable to: GO-2025-3553 / GHSA-mh63-6h87-95cp","Warn: Project is vulnerable to: GO-2024-3321 / GHSA-v778-237x-gjrc","Warn: Project is vulnerable to: GO-2025-3487 / GHSA-hcg3-q754-cr77","Warn: Project is vulnerable to: GO-2024-2687 / GHSA-4v7x-pqxf-cx7m","Warn: Project is vulnerable to: GO-2024-3333","Warn: Project is vulnerable to: GO-2025-3503 / GHSA-qxp5-gwg8-xv66","Warn: Project is vulnerable to: GO-2025-3595 / GHSA-vvgc-356p-c3xw","Warn: Project is vulnerable to: GO-2025-3488 / GHSA-6v2p-p543-phr9","Warn: Project is vulnerable to: GO-2024-2611 / GHSA-8r3f-844c-mc37"],"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}}]},"last_synced_at":"2025-08-21T12:50:00.314Z","repository_id":38241596,"created_at":"2025-08-21T12:50:00.314Z","updated_at":"2025-08-21T12:50:00.314Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":29860110,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-02-26T08:51:08.701Z","status":"ssl_error","status_checked_at":"2026-02-26T08:50:19.607Z","response_time":89,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["cli","cloud-platform","cloud-platform-engineering","go"],"created_at":"2026-02-26T13:05:18.669Z","updated_at":"2026-02-26T13:05:19.356Z","avatar_url":"https://github.com/ministryofjustice.png","language":"Go","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Cloud Platform Tool CLI\n\n[![Releases](https://img.shields.io/github/release/ministryofjustice/cloud-platform-cli/all.svg?style=flat-square)](https://github.com/ministryofjustice/cloud-platform-cli/releases)\n[![codecov](https://codecov.io/gh/ministryofjustice/cloud-platform-cli/branch/main/graph/badge.svg?token=BUF45279MY)](https://codecov.io/gh/ministryofjustice/cloud-platform-cli)\n\n`cloud-platform` is a command-line tool used by the cloud-platform team and tenants to perform actions on the platform, for example:\n\n- Create environment configuration using a template\n- Divergences in terraform states\n- Terraform apply\n- Others\n\nUser documentation is here: https://user-guide.cloud-platform.service.justice.gov.uk/documentation/getting-started/cloud-platform-cli.html\n\n## Install\n\n### via Homebrew\n\n```\nbrew install ministryofjustice/cloud-platform-tap/cloud-platform-cli\n```\n\n### Manually\n\nThese installation instructions are for a Mac. If you have a different kind of\ncomputer, please amend the steps appropriately.\n\nPlease substitute the latest release number. You can see the latest release\nnumber in the badge near the top of this page, and all available releases on\n[this page][github ui].\n\n```\nRELEASE=\u003cinsert latest release\u003e\nwget https://github.com/ministryofjustice/cloud-platform-cli/releases/download/${RELEASE}/cloud-platform-cli_${RELEASE}_darwin_amd64.tar.gz\ntar xzvf cloud-platform-cli_${RELEASE}_darwin_amd64.tar.gz\nmv cloud-platform /usr/local/bin/\n```\n\nNB: You may need to manually open the file to override OSX restrictions against\nexecuting binaries downloaded from the internet. To do this, locate the file in\nthe Finder, right-click it and choose \"Open\". After doing this once, you should\nbe able to run the command as normal.\n\n## Usage\n\nThe `/doc` directory should contain usage instructions, otherwise, please see the output of `cloud-platform --help` or the [user-guide](https://user-guide.cloud-platform.service.justice.gov.uk/documentation/getting-started/cloud-platform-cli.html) entry for more information.\n\n### Autogenerate documentation\n\nThe cli uses the [cobra-docs](https://github.com/spf13/cobra/blob/main/doc/md_docs.md) generator to create automated Markdown pages from Cobra.\n\nWhen a pull-request is opened, a GitHub Action will trigger and autogenerate the documentation. The action will commit these changes back to the remote branch.\n\n## Develop\n\nYou will need Go installed.\n\n### Build locally\n\nRun `make` to create a `cloud-platform` binary.\n\n[note] Something worth noting when building locally. You'll need to pass the `--skip-version-check` command to avoid a message about upgrading.\n\n### Testing\n\nThere are two types of tests in this repository:\n\n#### Integration\n\nThese tests build the root binary and test the output of a command. For example, `cloud-platform version` will output `testBuild` using a package called [go-testcmd](https://github.com/google/go-cmdtest). Integration tests are tagged with `integration` so won't run using the normal `go test -v ./...` command. You'll have to pass the `integration` keyword as a build tag, i.e. `go test -v ./... --tags integration`\n\nIf you'd like to create a new integration test, add the following to the top of your test file: `//go:build integration`.\n\nIf the output of a command changes and the tests start failing, simply add the `-update` flag to your test command and they'll automatically update on your behalf. For example: `go test . --tags integration -update`\n\n#### Unit\n\nThese tests live next to the code, they have no build tag and will run regardless of the flag you on build.\n\nRun `make test` to run the unit tests.\n\nThere are Dockerfile structure tests that run automatically in a pipeline. If you want to run these locally, install the [container-structure-test](https://github.com/GoogleContainerTools/container-structure-test#installation) binary and run:\n\n```bash\ncontainer-structure-test test --image my-image-name \\\n--config docker-test.yaml\n```\n\n##### Mocks\n\nWe encourage you to implement your own mocks as much as possible, abstract away parameters into interfaces and initialise mock interfaces in your tests [for example](./pkg/cluster/delete_utils/tf_utils.go). Where you require more complex mocks we lean on [mockery](https://github.com/vektra/mockery). You can find examples [./pkg/mocks](./pkg/mocks) (these are automatically generated by mockery). To regenerate mocks you can adjust the following commands:\n\n```bash\nbrew install mockery\nbrew updae mockery\nmockery --name=terraformExec  --structname=TerraformExec --output=pkg/mocks/terraform --dir=\"pkg/terraform\"\n```\n\n### Releasing a new version\n\nThis project includes a [github action](.github/workflows/build-release.yml) which\nwill automatically do the following steps:\n\n- build a new release and make it available in the [github ui]\n- build a new docker image and push it to [docker hub], tagged with the version number\n\nIn order to trigger this action, push a new tag version like this:\n\n```\ngit tag [my new version]\ngit push --tags\n```\n\nWhen pushing a new tag, consider following [Semantic Versioning](https://semver.org/#semantic-versioning-200) with version format of `MAJOR.MINOR.PATCH`\n\n#### `PreRun` hook\n\n**Every** new command should have a PreRun hook as follows, to ensure the version of the cli tool is consistent:\n\n```\nPreRun: upgradeIfNotLatest,\n```\n\nSee the existing commands for examples.\n\n[docker hub]: https://hub.docker.com/repository/docker/ministryofjustice/cloud-platform-cli\n[github ui]: https://github.com/ministryofjustice/cloud-platform-cli/releases\n\n### Update container Image in Cloud Platform Concourse pipelines\n\nThe [Cloud Platform concourse pipeline](https://github.com/ministryofjustice/cloud-platform-terraform-concourse/tree/main/pipelines/manager/main) uses many of the cli commands such as deploying the [environments repo](https://github.com/ministryofjustice/cloud-platform-environments.git) to Cloud Platform kubernetes Cluster, checking divergence on cloud platform infrastructure, regular cluster create-test-destroy operations etc. Whenever the cli tool is released, a docker image is build an pushed to the docker hub using github workflow. Update the concourse pipeline with the latest cli image to ensure latest of cli binary runs on the pipeline.","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fministryofjustice%2Fcloud-platform-cli","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fministryofjustice%2Fcloud-platform-cli","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fministryofjustice%2Fcloud-platform-cli/lists"}