Anchore CLI
The command line interface for Anchore.
Step Module Reference
Reference documentation for Sophos Factory step modules, the basic building blocks of pipelines.
Ansible Playbook
Executes a Red Hat Ansible playbook.
ARM Template
Deploys an Azure Resource Manager template to Microsoft Azure.
Assert
Stops pipeline execution with Failed status if the assertion expression evaluates to false.
AWS CLI
Executes AWS CLI commands to manage AWS resources.
AWS CloudFormation
Creates a stack from a CloudFormation template on Amazon Web Services (AWS).
Azure CLI
Executes Azure CLI commands.
Checkov
Executes the Bridgecrew Checkov IaC static code analysis tool. Checkov can scan Terraform, CloudFormation, Kubernetes, and other IaC files for security vulnerabilities and misconfigurations.
CIS-CAT Assessor
Compares the configuration of a target system to CIS Benchmark recommendations and reports conformance on a scale of 0-100
Conditional Gate
Skips execution of all child steps of this step, according to a condition.
Credential
Creates a credential dynamically within a pipeline run. This module is useful for importing credentials from external systems, such as key stores, vaults, and CMDBs.
Debug Message
Prints a message to the pipeline run events. Useful for debugging variable values during execution.
Docker Build & Push
Builds a container image and optionally pushes it to a registry using Docker. This module uses the Docker Buildx plugin to enable advanced build scenarios, and automatically authenticates with a Docker registry.
GCP Template
Deploys resources to Google Cloud Platform using Deployment Manager templates.
Git Clone
Clones a git repository onto the runner.
Go Executor
Executes a Go program.
Helm Chart
Deploys a Helm chart to an existing Kubernetes cluster.
Helm CLI
Execute Helm commands using a shell script.
HTTP Request
Sends an HTTP request.
Install Anchore CLI
Installs the Anchore CLI on the runner.
Install Ansible
Installs Red Hat Ansible on the runner.
Install AWS CLI
Installs the AWS CLI executable on the runner.
Install Azure CLI
Installs the Azure CLI executable on the runner.
Install Checkov
Installs the Bridgecrew Checkov CLI on the runner.
Install CIS-CAT
Installs the CIS-CAT Assessor
Install gcloud CLI
Installs the Google gcloud executable on the runner.
Install Go
Installs the Golang runtime on the runner.
Install Helm
Installs the Helm CLI on the runner.
Install Java
Installs the Java executable on the runner.
Install kubectl
Installs the Kubernetes kubectl executable on the runner.
Install Node.js
Installs the Node.js executable on the runner.
Install PowerShell
Installs the PowerShell executable on the runner.
Install Python
Installs the Python executable on the runner.
Install SonarScanner
Installs the SonarScanner CLI on the runner.
Install Terraform
Installs the HashiCorp Terraform executable on the runner.
Install Terrascan
Installs Terrascan on the runner.
Install Trivy
Installs Trivy on the runner.
Install twistcli
Installs twistcli on the runner.
Install Vault CLI
Installs the HashiCorp Vault CLI executable on the runner.
Install ZAProxy
Installs the ZAProxy CLI on the runner.
kubectl
Modify resources on a Kubernetes cluster using the kubectl CLI.
Node.js Script
Executes a Node.js script.
OpenSCAP Scanner
OpenSCAP is a command line utility for working with the Security Content Automation Protocol (SCAP).
Pause
Pauses pipeline execution for a specified duration.
PowerShell Script
Executes a PowerShell script.
Python Script
Executes a Python script.
Resource Group
Creates or deletes a Resource Group on Microsoft Azure.
Set Variables
Adds a set of variables to the current vars context.
Shell Script
Executes a shell script.
SonarScanner
SonarScanner performs vulnerability scanning and automated code review on source code, and uploads the results to a SonarQube server for analysis.
Terraform
Operates on a Terraform project. Can validate, plan, and apply Terraform configurations.
Terrascan
Terrascan detects security vulnerabilities and compliance violations across your Infrastructure as Code.
Trivy
Trivy is a simple and comprehensive vulnerability scanner for containers and other artifacts.
twistcli
The command line interface for Prisma Cloud.
Vault
Vault secures, stores, and tightly controls access to tokens, passwords, certificates, API keys, and other secrets in modern computing. Vault handles leasing, key revocation, key rolling, auditing, and provides secrets as a service through a unified API.
Write File
Writes content to a file on the runner.
