Skip to content

README.en.md

Latest commit

 

History

History
160 lines (113 loc) · 4.71 KB

README.en.md

File metadata and controls

160 lines (113 loc) · 4.71 KB

workspace-cli

CI Release Go Version License

Chaitin Workspace CLI for products

Demo

CloudWalker

asciicast

T-Answer

asciicast

SafeLine

asciicast

SafeLine-CE

asciicast

DDR

asciicast

X-Ray

asciicast

Configuration

Put product connection settings in ./config.yaml:

cloudwalker:
  url: https://cloudwalker.example.com/rpc
  api_key: YOUR_API_KEY

tanswer:
  url: https://tanswer.example.com
  api_key: YOUR_API_KEY

# cws ddr get-api-token --url https://ddr.example.com:8443 --jwt-token "YOUR_JWT_TOKEN" can directly get url & api_key & company_id
ddr:
  url: "https://ddr.example.com:8443/qzh/api/v1"
  api_key: "YOUR_API_KEY"
  company_id: "YOUR_COMPANY_ID"

xray:
  url: https://xray.example.com/api/v2
  api_key: YOUR_API_KEY

You can also put the same keys into environment variables or a local .env file. Variable names follow <PRODUCT>_<FIELD>:

cloudwalker.url      -> CLOUDWALKER_URL
cloudwalker.api_key  -> CLOUDWALKER_API_KEY
tanswer.url          -> TANSWER_URL
tanswer.api_key      -> TANSWER_API_KEY
ddr.url              -> DDR_URL
ddr.api_key          -> DDR_API_KEY
ddr.company_id       -> DDR_COMPANY_ID
xray.url             -> XRAY_URL
xray.api_key         -> XRAY_API_KEY
safeline-ce.url      -> SAFELINE_CE_URL
safeline-ce.api_key  -> SAFELINE_CE_API_KEY
safeline.url         -> SAFELINE_URL
safeline.api_key     -> SAFELINE_API_KEY

Example .env:

SAFELINE_URL=https://safeline.example.com
SAFELINE_API_KEY=YOUR_API_KEY
XRAY_URL=https://xray.example.com/api/v2
XRAY_API_KEY=YOUR_API_KEY

Priority is flags > environment/.env > config.yaml.

Use root-level -c or --config to load a different config file. This is useful when you switch between multiple product instances, for example multiple SafeLine environments:

cws -c ./configs/safeline-prod.yaml safeline stats overview
cws -c ./configs/safeline-staging.yaml safeline stats overview

Use root-level --dry-run for commands that support dry-run:

cws --dry-run xray plan PostPlanFilter --filterPlan.limit=10

Project Structure

main.go                # Main entry point and CLI wiring
products/<name>/       # One dedicated directory per product
Taskfile.yml           # Build, run, and lint tasks

More Products

Add to products directory

Checklist for a new product:

  • Add the product package import in main.go.
  • Register the command in newApp() with a.registerProductCommand(...).
  • If NewCommand() returns (*cobra.Command, error), handle the error before registration.
  • If the product needs config.yaml or root-level runtime flags, implement ApplyRuntimeConfig(...) in the product package and call it from wrapProductCommand() in main.go.
  • Decode product-specific config inside the product package from config.Raw; do not add config field parsing to the root command.

BusyBox-Style Invocation

The same binary can be invoked directly by subcommand name through a symlink or by renaming the executable:

task build
ln -s ./bin/cws ./chaitin
./chaitin

This is equivalent to:

./bin/cws chaitin

AI Agent Skill

This project provides an AI Agent skill. Once installed, AI agents (Claude Code, Cursor, etc.) can invoke cws commands to manage Chaitin security products directly.

npx skills add chaitin/workspace-cli

After installation, simply describe your needs to the AI agent, for example:

  • "Show me recent attack logs in SafeLine"
  • "Create a scan task in X-Ray"
  • "List vulnerability events in CloudWalker"

Task

task build
task run:chaitin
task fmt
task lint
task test
task package GOOS=linux GOARCH=amd64