If you have Go 1.17 or newer, you can install latest aactl using:
go install github.com/GoogleCloudPlatform/aactl/cmd/aactl@latestSince you are interested in aactl, you probably already have GCP account and project. If not, you learn about creating and managing projects here. The other prerequisites include:
aactl also depends on a few GCP service APIs. To enable these, run:
gcloud services enable containeranalysis.googleapis.comMake sure you have the following Identity and Access Management (IAM) roles in each project:
Learn how to grant multiple IAM roles to a user here
roles/artifactregistry.reader
roles/containeranalysis.occurrences.editor
roles/containeranalysis.notes.editorIf you experience any issues, you can see the project level policy using following command:
gcloud projects get-iam-policy $PROJECT_ID --format=json > policy.jsonWhen running locally, aactl will look for Google account credentials in one of the well-known locations. To ensure your Application Default Credentials (ADC) are used by the aactl run this gcloud command and follow the prompts:
gcloud auth application-default loginMore about ADC here
Code in this repository is licensed under the Apache 2.0. See LICENSE.