Run Prancer CLI

Prancer CLI provides different arguments for the configuration of the run. On this page, we are reviewing all the available arguments for Prancer CLI. We are providing different examples of running the Crawler and Compliance of Prancer Framework. To start, make sure you have installed Prancer CLI and clone the Hello World application.

  • Clone this repository, https://github.com/prancer-io/prancer-hello-world
  • Check the file config.ini, here you can see the value of containerFolder in TESTS section is ./validation/(i.e. All the test cases are stored inside the validation directory).

Run the prancer help

prancer -h

usage:

  prancer [-h]
  [-v]
  [--db {NONE,SNAPSHOT,FULL,REMOTE}]
  [--crawler]
  [--compliance]
  [--file_content FILE_CONTENT]
  [--mastertestid MASTERTESTID]
  [--mastersnapshotid MASTERSNAPSHOTID]
  [--snapshotid SNAPSHOTID]
  [--env {DEV,QA,PROD,LOCAL}]
  [--apitoken APITOKEN]
  [--gittoken GITTOKEN]
  [--company COMPANY]
  [--createsnapshot]
  [--mastersnapshotfile MASTERSNAPSHOTFILE]
  [collection]

positional arguments:

Argument Description
collection The name of the folder which contains the collection of files related to one scenario

optional arguments:

Argument Description
-h --help Show this help message and exit
-v --version Show prancer version
--db {NONE, SNAPSHOT, FULL, REMOTE} NONE - Database will not be used, all the files reside on filesystem

SNAPSHOT - Resource snapshots will be stored in db, everything else will be on filesystem

FULL - tests, configurations, outputs and snapshots will be stored in the database

REMOTE - Connect to Prancer Enterprise solution to get the configuration files and send the results back.
--crawler Crawls the target environment and generates snapshot configuration file
--compliance Run only compliance tests based on the available snapshot configuration file
--file_content FILE_CONTENT The path of the file to be used as snapshost
--mastertestid MASTERTESTID Run the framework only for the master test Ids or compliance Ids mentioned here
--mastersnapshotid MASTERSNAPSHOTID Run the framework only for the master snapshot Ids mentioned here
--snapshotid SNAPSHOTID Run the framework only for the snapshot Ids mentioned here
--env {DEV, QA, PROD, LOCAL} DEV - API server is in dev environment

QA - API server is in qa environment

PROD - API server is in prod environment

LOCAL - API server is in local environment.
--apitoken APITOKEN API token to access prancer saas solution. (This argument is needed only when the --db is REMOTE).
--gittoken GITTOKEN github/enterprise/internal github API token to access repositories. (This argument is optional only when the --db is REMOTE)
--company COMPANY company name of the prancer saas solution (This argument is needed only when the --db is REMOTE)
--createsnapshot To generate all the snapshots after crawler is completed.
--mastersnapshotfile MASTERSNAPSHOTFILE To run crawler for the specific mastersnapshot file.

1) Run Crawler Only

prancer scenario-arm-pass --crawler --db=NONE
Parameters Description
scenario-arm-pass Name of the collection which contains master-snapshot and master-test files.
--crawler Specifies that you want to run crawler only on given collection.
--db=None It defines that the prancer have to find the collection of master-snapshot and master-test from local filesystem.
  • On completion of crawler, it generates the snapshot file inside the collection with name <mastersnapshot_name>_gen.json.

2) Run Compliance Only

prancer scenario-arm-pass --compliance --db=NONE
Parameters Description
scenario-arm-pass Name of the collection on which you want to run the compliance.
--compliance Specifies that you want to run compliance only on given collection.
--db=None It defines that the prancer have to find the collection of snapshot and master-test files from local filesystem.
  • On completion of compliance, it generates the snapshots folder inside the collection which contains the actual snapshot files of your cloud resources or templates files for IaC. It also creates the outputs file named output-<mastertest_name>.json which contains the passed and failed results of compliance.

3) Run both crawler and compliance

prancer scenario-arm-pass --db=NONE
prancer scenario-arm-pass --crawler --compliance --db=NONE
Parameters Description
scenario-arm-pass Name of the collection on which you want to run the compliance.
--db None It defines that the prancer have to find the collection of snapshot and mastertest files from local filesystem.
  • If neither --crawler nor --compliance is specified, then the default option is to run both processes. First it crawls the collection and generates the snapshot file. After that, it runs the compliance for the generated snapshot and generates the output file.

4) Run compliance for a file

prancer --db NONE --file-content /tmp/deploy.yaml <collection>
Parameters Description
collection Name of the collection on which you want to run the compliance.
--db None It defines that the prancer have to find the collection of snapshot and master-test files from local filesystem.
--file-content /tmp/deploy.yaml This the snapshot data and compliance is run for this as per the compliance tests in the collection.

5) Run compliance for one(or more) of the specific mastertestIDs

prancer --db NONE --mastertestid TEST_S3_14 <collection>
prancer --db NONE --mastertestid TEST_S3_14,TEST_EC2_1 <collection>
Parameters Description
collection Name of the collection on which you want to run the compliance.
--db None It defines that the prancer have to find the collection of snapshot and master-test files from local filesystem.
--mastertestid TEST_S3_14 The compliance is run only the specified masterTestID or comma separated masterTestIDs or compliance Ids.

6) Run compliance for one(or more) of the specific masterSnapshotIDs

prancer --db NONE --mastersnapshotid CFR_TEMPLATE_SNAPSHOT <collection>
prancer --db NONE --mastersnapshotid CFR_TEMPLATE_SNAPSHOT,EC2_TEMPLATE_SNAPSHOT <collection>
Parameters Description
collection Name of the collection on which you want to run the compliance.
--db None It defines that the prancer have to find the collection of snapshot and master-test files from local filesystem.
--mastersnapshotid CFR_TEMPLATE_SNAPSHOT The compliance is run only the specified masterSnapshotID or comma separated masterSnapshotIDs.

7) Run compliance for one(or more) of the specific snapshots

prancer --db NONE --snapshotid K8S_TEMPLATE_SNAPSHOT7,K8S_TEMPLATE_SNAPSHOT6 <collection>
Parameters Description
collection Name of the collection on which you want to run the compliance.
--db None It defines that the prancer have to find the collection of snapshot and master-test files from local filesystem.
--snapshotid K8S_TEMPLATE_SNAPSHOT7 The compliance is run only the specified SnapshotID or comma separated SnapshotIDs.
  • If you doesn't defines the --crawler or --compliance then it runs both proceesses. First it crawls the collection and generates the snapshot file.After it runs the compliance on it and generates the output file.

8) Run Specific compliance on all resources

prancer scenario-arm-pass --db=NONE --mastertestid `mastertestid_of_master_compliance_test`
Parameters Description
scenario-arm-pass Name of the collection on which you want to run the compliance.
--db=None It defines that the prancer have to find the collection of snapshot and master-test files from local filesystem.
mastertestid masterTestId provided in master-compliace-test

9) Run all compliances on specific resources

prancer scenario-arm-pass --db=NONE --mastersnapshotid `generated_mastersnapshotid`
Parameters Description
scenario-arm-pass Name of the collection on which you want to run the compliance.
--db=None It defines that the prancer have to find the collection of snapshot and master-test files from local filesystem.
mastersnapshotid snapshot id generated after running crawler looks like ARM_TEMPLATE_SNAPSHOT1

10) Run crawler and compliance remotely

prancer "GCP Collection" --db=REMOTE --apitoken=e734c17a1f5********************* --gittoken=ghp_************************************ --company=prancer
Parameters Description
GCP Collection Name of the collection exists on the Prancer portal.
--db=REMOTE It defines that the prancer have to find the collection of snapshot and master-test files remotely.
--apitoken User access token to access the prancer saas solution.
--gittoken github/enterprise/internal github API token to access the repositories.
--company company name of the prancer saas solution