Create Evidence CLI - Sample Commands

jf evd create --subject-repo-path example-generic/file.txt --subject-sha256 7afd53a30794391969dd598dcae4daecd123ec7059b801c62a53c51b1ff17c21 --key private.pem --key-alias my-key-alias --predicate predicate.json --predicate-type https://jfrog.com/evidence/approval/v1 --provider-id gradle

jf evd create --predicate /Users/jsmith/Downloads/code-review.json --predicate-type https://in-toto.io/attestation/vulns --package-name DockerPackage --package-version 1.0.0 --package-repo-name local-docker --key /Users/jsmith/Documents/keys/private.pem --key-alias xyzey

jf evd create --predicate /Users/jsmith/Downloads/code-review.json --predicate-type https://in-toto.io/attestation/vulns --build-name DockerBuild --build-number 1.0.0 --key /Users/jsmith/Documents/keys/private.pem --key-alias xyzey

jf evd create --predicate /Users/jsmith/Downloads/code-review.json --predicate-type https://in-toto.io/attestation/vulns --release-bundle bundledemo --release-bundle-version 1.0.0 --key /Users/jsmith/Documents/keys/private.pem --key-alias xyzey 

jf evd create --predicate /Users/jsmith/Downloads/code-review.json --predicate-type https://in-toto.io/attestation/vulns --application-key green-pizza --application-version 1.2.4 --key /Users/jsmith/Documents/keys/private.pem --key-alias xyzey 

jf evd create --sigstore-bundle bundle.json

{
  "repository": "evidence-local",
  "path": "com/example/app/1.0/app-1.0.jar",
  "name": "provenance.json",
  "uri": "https://myrt.example.com/evidence/api/v1/subject/.../attestations/provenance.json",
  "sha256": "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855",
  "predicate_type": "https://slsa.dev/provenance/v1",
  "predicate_category": "PROVENANCE",
  "predicate_slug": "slsa-provenance-v1",
  "created_at": "2024-11-01T12:34:56Z",
  "created_by": "[email protected]",
  "verified": true,
  "provider_id": "jfrog"
}