veracarto 0.1.8 → 0.2.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +59 -33
- package/dist/cli/index.js +1854 -2068
- package/dist/cli/index.js.map +4 -4
- package/package.json +6 -8
- package/setup.sh +0 -68
package/package.json
CHANGED
|
@@ -1,20 +1,18 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "veracarto",
|
|
3
|
-
"version": "0.1
|
|
4
|
-
"description": "
|
|
5
|
-
"main": "dist/cli/index.js",
|
|
3
|
+
"version": "0.2.1",
|
|
4
|
+
"description": "Agentic GCP security remediation tool",
|
|
6
5
|
"bin": {
|
|
7
|
-
"veracarto": "
|
|
6
|
+
"veracarto": "dist/cli/index.js"
|
|
8
7
|
},
|
|
9
8
|
"files": [
|
|
10
|
-
"dist/cli"
|
|
11
|
-
"setup.sh",
|
|
12
|
-
"README.md"
|
|
9
|
+
"dist/cli"
|
|
13
10
|
],
|
|
14
11
|
"keywords": [
|
|
15
12
|
"gcp",
|
|
16
13
|
"security",
|
|
17
14
|
"cloud",
|
|
15
|
+
"remediation",
|
|
18
16
|
"cli",
|
|
19
17
|
"agent"
|
|
20
18
|
],
|
|
@@ -25,7 +23,7 @@
|
|
|
25
23
|
"scripts": {
|
|
26
24
|
"dev:server": "tsx watch src/server/index.ts",
|
|
27
25
|
"dev:cli": "node esbuild.cli.js --watch",
|
|
28
|
-
"build": "
|
|
26
|
+
"build": "node esbuild.server.js && node esbuild.cli.js",
|
|
29
27
|
"build:cli": "node esbuild.cli.js",
|
|
30
28
|
"build:server": "node esbuild.server.js",
|
|
31
29
|
"prepublishOnly": "npm run build:cli",
|
package/setup.sh
DELETED
|
@@ -1,68 +0,0 @@
|
|
|
1
|
-
#!/bin/bash
|
|
2
|
-
set -e
|
|
3
|
-
|
|
4
|
-
PROJECT_ID=${1:-$(gcloud config get-value project 2>/dev/null)}
|
|
5
|
-
|
|
6
|
-
if [ -z "$PROJECT_ID" ]; then
|
|
7
|
-
echo "Usage: bash setup.sh YOUR_PROJECT_ID"
|
|
8
|
-
echo " or: bash <(curl -s https://api.veracarto.com/setup.sh) YOUR_PROJECT_ID"
|
|
9
|
-
exit 1
|
|
10
|
-
fi
|
|
11
|
-
|
|
12
|
-
VERACARTO_SA="veracarto-server@promptask-444802.iam.gserviceaccount.com"
|
|
13
|
-
|
|
14
|
-
echo ""
|
|
15
|
-
echo "Veracarto Setup"
|
|
16
|
-
echo "━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━"
|
|
17
|
-
echo "Project: $PROJECT_ID"
|
|
18
|
-
echo ""
|
|
19
|
-
|
|
20
|
-
echo "Granting read-only access..."
|
|
21
|
-
echo ""
|
|
22
|
-
|
|
23
|
-
ROLES=(
|
|
24
|
-
"roles/securitycenter.findingsViewer"
|
|
25
|
-
"roles/cloudasset.viewer"
|
|
26
|
-
"roles/logging.viewer"
|
|
27
|
-
"roles/run.viewer"
|
|
28
|
-
"roles/cloudbuild.builds.viewer"
|
|
29
|
-
)
|
|
30
|
-
|
|
31
|
-
for ROLE in "${ROLES[@]}"; do
|
|
32
|
-
gcloud projects add-iam-policy-binding "$PROJECT_ID" \
|
|
33
|
-
--member="serviceAccount:$VERACARTO_SA" \
|
|
34
|
-
--role="$ROLE" \
|
|
35
|
-
--quiet > /dev/null 2>&1
|
|
36
|
-
echo " ✓ $ROLE"
|
|
37
|
-
done
|
|
38
|
-
|
|
39
|
-
echo ""
|
|
40
|
-
echo "Enabling required APIs..."
|
|
41
|
-
echo ""
|
|
42
|
-
|
|
43
|
-
APIS=(
|
|
44
|
-
"securitycenter.googleapis.com"
|
|
45
|
-
"cloudasset.googleapis.com"
|
|
46
|
-
"logging.googleapis.com"
|
|
47
|
-
"run.googleapis.com"
|
|
48
|
-
"cloudbuild.googleapis.com"
|
|
49
|
-
"compute.googleapis.com"
|
|
50
|
-
"iam.googleapis.com"
|
|
51
|
-
)
|
|
52
|
-
|
|
53
|
-
for API in "${APIS[@]}"; do
|
|
54
|
-
if gcloud services enable "$API" --project="$PROJECT_ID" --quiet 2>/dev/null; then
|
|
55
|
-
echo " ✓ $API"
|
|
56
|
-
else
|
|
57
|
-
echo " ⚠ $API — could not enable automatically"
|
|
58
|
-
echo " Enable manually: gcloud services enable $API --project=$PROJECT_ID"
|
|
59
|
-
fi
|
|
60
|
-
done
|
|
61
|
-
|
|
62
|
-
echo ""
|
|
63
|
-
echo "━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━"
|
|
64
|
-
echo "Done. Veracarto can now read your GCP project."
|
|
65
|
-
echo ""
|
|
66
|
-
echo "Next: run veracarto init"
|
|
67
|
-
echo "When prompted, enter your project ID: $PROJECT_ID"
|
|
68
|
-
echo ""
|