Release: log error from flag assignment from env vars to standard err…

…ros (#365)

* ensure errors from env variable flag assignments are logged to standard error and fix tests

* revert tests

docs.kosli.com/assets/metadata.json

@@ -1 +1 @@
-{"currentversion": "v2.10.18"}
+{"currentversion": "v2.11.0"}

docs.kosli.com/content/client_reference/kosli_attest_junit.md

@@ -8,7 +8,9 @@ deprecated: false
 
 ## Synopsis
 
-Report a junit attestation to an artifact or a trail in a Kosli flow.  
+Report a junit attestation to an artifact or a trail in a Kosli flow.
+JUnit xml files are read from the `--results-dir` directory which defaults to the current directory.
+The xml files are automatically uploaded as `--attachments` via the `--upload-results` flag which defaults to `true`.  
 
 The attestation can be bound to a trail using the trail name.
 

docs.kosli.com/content/client_reference/kosli_begin_trail.md

@@ -11,7 +11,10 @@ deprecated: false
 Begin or update a Kosli flow trail.
 
 You can optionally associate the trail to a git commit using `--commit` (requires access to a git repo). And you  
-can optionally redact some of the git commit data sent to Kosli using `--redact-commit-info`
+can optionally redact some of the git commit data sent to Kosli using `--redact-commit-info`.
+
+`TRAIL-NAME`s must start with a letter or number, and only contain letters, numbers, `.`, `-`, `_`, and `~`.
+
 
 ```shell
 kosli begin trail TRAIL-NAME [flags]

docs.kosli.com/content/client_reference/kosli_create_environment.md

@@ -35,6 +35,8 @@ Logical environments are used for grouping of physical environments. For instanc
 be grouped into logical environment **prod**. Logical environments are view-only, you can not report snapshots
 to them.
 
+`ENVIRONMENT-NAME`s must start with a letter or number, and only contain letters, numbers, `.`, `-`, `_`, and `~`.
+
 
 ```shell
 kosli create environment ENVIRONMENT-NAME [flags]

docs.kosli.com/content/client_reference/kosli_create_flow.md

@@ -11,6 +11,9 @@ deprecated: false
 Create or update a Kosli flow.
 You can specify flow parameters in flags.
 
+`FLOW-NAME`s must start with a letter or number, and only contain letters, numbers, `.`, `-`, `_`, and `~`.
+
+
 ```shell
 kosli create flow FLOW-NAME [flags]
 ```

docs.kosli.com/content/client_reference/kosli_snapshot_ecs.md

@@ -8,7 +8,8 @@ deprecated: false
 
 ## Synopsis
 
-Report a snapshot of running containers in an AWS ECS cluster or service to Kosli.  
+Report a snapshot of running containers in one or more AWS ECS cluster(s) to Kosli.  
+Skip `--clusters` and `--clusters-regex` to report all clusters in a given AWS account. Or use `--exclude` and/or `--exclude-regex` to report all clusters excluding some.
 The reported data includes container image digests and creation timestamps.
 
 To authenticate to AWS, you can either:  
@@ -30,10 +31,12 @@ kosli snapshot ecs ENVIRONMENT-NAME [flags]
 |        --aws-key-id string  |  The AWS access key ID.  |
 |        --aws-region string  |  The AWS region.  |
 |        --aws-secret-key string  |  The AWS secret access key.  |
-|    -C, --cluster string  |  The name of the ECS cluster.  |
+|        --clusters strings  |  [optional] The comma-separated list of ECS cluster names to snapshot. Can't be used together with --exclude or --exclude-regex.  |
+|        --clusters-regex strings  |  [optional] The comma-separated list of ECS cluster name regex patterns to snapshot. Can't be used together with --exclude or --exclude-regex.  |
 |    -D, --dry-run  |  [optional] Run in dry-run mode. When enabled, no data is sent to Kosli and the CLI exits with 0 exit code regardless of any errors.  |
+|        --exclude strings  |  [optional] The comma-separated list of ECS cluster names to exclude. Can't be used together with --exclude or --exclude-regex.  |
+|        --exclude-regex strings  |  [optional] The comma-separated list of ECS cluster name regex patterns to exclude. Can't be used together with --clusters or --clusters-regex.  |
 |    -h, --help  |  help for ecs  |
-|    -s, --service-name string  |  [optional] The name of the ECS service.  |
 
 
 ## Flags inherited from parent commands
@@ -58,7 +61,7 @@ export AWS_ACCESS_KEY_ID=yourAWSAccessKeyID
 export AWS_SECRET_ACCESS_KEY=yourAWSSecretAccessKey
 
 kosli snapshot ecs yourEnvironmentName \
-	--cluster yourECSClusterName \
+	--clusters yourECSClusterName \
 	--api-token yourAPIToken \
 	--org yourOrgName
 
@@ -72,22 +75,33 @@ export AWS_ACCESS_KEY_ID=yourAWSAccessKeyID
 export AWS_SECRET_ACCESS_KEY=yourAWSSecretAccessKey
 
 kosli snapshot ecs yourEnvironmentName \
-	--cluster yourECSClusterName \
+	--clusters yourECSClusterName \
 	--service-name yourECSServiceName \
 	--api-token yourAPIToken \
 	--org yourOrgName
 
 ```
 
-**report what is running in in a specific AWS ECS service within a cluster (AWS auth provided in flags)**
+**report what is running in all ECS clusters in an AWS account (AWS auth provided in flags)**
+
+```shell
+kosli snapshot ecs yourEnvironmentName \
+	--aws-key-id yourAWSAccessKeyID \
+	--aws-secret-key yourAWSSecretAccessKey \
+	--aws-region yourAWSRegion \
+	--api-token yourAPIToken \
+	--org yourOrgName
+
+```
+
+**report what is running in all ECS clusters in an AWS account except for clusters with names matching given regex patterns**
 
 ```shell
 kosli snapshot ecs yourEnvironmentName \
-	--cluster yourECSClusterName \
-	--service-name yourECSServiceName \
 	--aws-key-id yourAWSAccessKeyID \
 	--aws-secret-key yourAWSSecretAccessKey \
 	--aws-region yourAWSRegion \
+	--exclude-regex "those-names.*" \
 	--api-token yourAPIToken \
 	--org yourOrgName
 ```

docs.kosli.com/content/client_reference/kosli_snapshot_k8s.md

@@ -9,6 +9,7 @@ deprecated: false
 ## Synopsis
 
 Report a snapshot of running pods in a K8S cluster or namespace(s) to Kosli.  
+Skip `--namespaces` and `--namespaces-regex` to report all pods in all namespaces in a cluster.
 The reported data includes pod container images digests and creation timestamps. You can customize the scope of reporting
 to include or exclude namespaces.
 
@@ -20,10 +21,12 @@ kosli snapshot k8s ENVIRONMENT-NAME [flags]
 | Flag | Description |
 | :--- | :--- |
 |    -D, --dry-run  |  [optional] Run in dry-run mode. When enabled, no data is sent to Kosli and the CLI exits with 0 exit code regardless of any errors.  |
-|    -x, --exclude-namespaces strings  |  [conditional] The comma separated list of namespaces regex patterns NOT to report artifacts info from. Can't be used together with --namespace.  |
+|    -x, --exclude-namespaces strings  |  [optional] The comma separated list of namespaces names to exclude from reporting artifacts info from. Can't be used together with --namespaces or --namespaces-regex.  |
+|        --exclude-namespaces-regex strings  |  [optional] The comma separated list of namespaces regex patterns to exclude from reporting artifacts info from. Can't be used together with --namespaces or --namespaces-regex.  |
 |    -h, --help  |  help for k8s  |
 |    -k, --kubeconfig string  |  [defaulted] The kubeconfig path for the target cluster. (default "$HOME/.kube/config")  |
-|    -n, --namespaces strings  |  [conditional] The comma separated list of namespaces regex patterns to report artifacts info from. Can't be used together with --exclude-namespace.  |
+|    -n, --namespaces strings  |  [optional] The comma separated list of namespaces names to report artifacts info from. Can't be used together with --exclude-namespaces or --exclude-namespaces-regex.  |
+|        --namespaces-regex strings  |  [optional] The comma separated list of namespaces regex patterns to report artifacts info from. Can't be used together with --exclude-namespaces --exclude-namespaces-regex.  |
 
 
 ## Flags inherited from parent commands

docs.kosli.com/content/client_reference/kosli_snapshot_lambda.md

@@ -9,7 +9,7 @@ deprecated: false
 ## Synopsis
 
 Report a snapshot of artifacts deployed as one or more AWS Lambda functions and their digests to Kosli.  
-Skip `--function-names` to report all functions in a given AWS account. Or use `--exclude` and/or `--exclude-regex` to report all functions excluding some.
+Skip `--function-names` and `--function-names-regex` to report all functions in a given AWS account. Or use `--exclude` and/or `--exclude-regex` to report all functions excluding some.
 
 To authenticate to AWS, you can either:  
   1) provide the AWS static credentials via flags or by exporting the equivalent KOSLI env vars (e.g. KOSLI_AWS_KEY_ID)  
@@ -33,7 +33,8 @@ kosli snapshot lambda ENVIRONMENT-NAME [flags]
 |    -D, --dry-run  |  [optional] Run in dry-run mode. When enabled, no data is sent to Kosli and the CLI exits with 0 exit code regardless of any errors.  |
 |        --exclude strings  |  [optional] The comma-separated list of AWS Lambda function names to be excluded. Cannot be used together with --function-names  |
 |        --exclude-regex strings  |  [optional] The comma-separated list of name regex patterns for AWS Lambda functions to be excluded. Cannot be used together with --function-names. Allowed regex patterns are described in https://github.com/google/re2/wiki/Syntax  |
-|        --function-names strings  |  [optional] The comma-separated list of AWS Lambda function names to be reported.  |
+|        --function-names strings  |  [optional] The comma-separated list of AWS Lambda function names to be reported. Cannot be used together with --exclude or --exclude-regex.  |
+|        --function-names-regex strings  |  [optional] The comma-separated list of AWS Lambda function names regex patterns to be reported. Cannot be used together with --exclude or --exclude-regex.  |
 |    -h, --help  |  help for lambda  |
 
 
@@ -93,6 +94,20 @@ kosli snapshot lambda yourEnvironmentName \
 
 ```
 
+**report what is running in the latest version of AWS Lambda functions that match a name regex**
+
+```shell
+export AWS_REGION=yourAWSRegion
+export AWS_ACCESS_KEY_ID=yourAWSAccessKeyID
+export AWS_SECRET_ACCESS_KEY=yourAWSSecretAccessKey
+
+kosli snapshot lambda yourEnvironmentName \
+	--function-names-regex yourFunctionNameRegexPattern \
+	--api-token yourAPIToken \
+	--org yourOrgName
+
+```
+
 **report what is running in the latest version of multiple AWS Lambda functions (AWS auth provided in env variables)**
 
 ```shell

docs.kosli.com/content/legacy_ref/v2.10.14/_index.md

@@ -1,7 +1,7 @@
 ---
 title: v2.10.14
 bookCollapseSection: true
-weight: 603
+weight: 604
 ---
 
 # v2.10.14

docs.kosli.com/content/legacy_ref/v2.10.15/_index.md

@@ -1,7 +1,7 @@
 ---
 title: v2.10.15
 bookCollapseSection: true
-weight: 602
+weight: 603
 ---
 
 # v2.10.15

docs.kosli.com/content/legacy_ref/v2.10.16/_index.md

@@ -1,7 +1,7 @@
 ---
 title: v2.10.16
 bookCollapseSection: true
-weight: 601
+weight: 602
 ---
 
 # v2.10.16

docs.kosli.com/content/legacy_ref/v2.10.17/_index.md

@@ -1,7 +1,7 @@
 ---
 title: v2.10.17
 bookCollapseSection: true
-weight: 600
+weight: 601
 ---
 
 # v2.10.17

docs.kosli.com/content/legacy_ref/v2.10.18/_index.md

@@ -0,0 +1,7 @@
+---
+title: v2.10.18
+bookCollapseSection: true
+weight: 600
+---
+
+# v2.10.18

docs.kosli.com/content/legacy_ref/v2.10.13/kosli_attest_artifact.md → docs.kosli.com/content/legacy_ref/v2.10.18/kosli_attest_artifact.md

@@ -9,7 +9,9 @@ deprecated: false
 ## Synopsis
 
 Attest an artifact creation to a Kosli flow.  
-The artifact SHA256 fingerprint is calculated (based on the `--artifact-type` flag and the artifact name/path argument) or can be provided directly (with the `--fingerprint` flag).
+The artifact SHA256 fingerprint is calculated (based on the `--artifact-type` flag and the artifact name/path argument) or can be provided directly (with the `--fingerprint` flag).To specify paths in a directory artifact that should always be excluded from the SHA256 calculation, you can add a `.kosli_ignore` file to the root of the artifact.
+Each line should specify a relative path or path glob to be ignored. You can include comments in this file, using `#`.
+The `.kosli_ignore` will be treated as part of the artifact like any other file,unless it is explicitly ignored itself.
 This command requires access to a git repo to associate the artifact to the git commit it is originating from. 
 You can optionally redact some of the git commit data sent to Kosli using `--redact-commit-info`
 

docs.kosli.com/content/legacy_ref/v2.10.13/kosli_attest_generic.md → docs.kosli.com/content/legacy_ref/v2.10.18/kosli_attest_generic.md

@@ -119,6 +119,7 @@ kosli attest generic \
 	--name yourTemplateArtifactName.yourAttestationName \
 	--flow yourFlowName \
 	--trail yourTrailName \
+	--commit yourArtifactGitCommit \
 	--api-token yourAPIToken \
 	--org yourOrgName
 
@@ -131,7 +132,7 @@ kosli attest generic \
 	--name yourAttestationName \
 	--flow yourFlowName \
 	--trail yourTrailName \
-	--attachments=yourAttachmentPathName \
+	--attachments yourAttachmentPathName \
 	--api-token yourAPIToken \
 	--org yourOrgName
 

docs.kosli.com/content/legacy_ref/v2.10.13/kosli_attest_jira.md → docs.kosli.com/content/legacy_ref/v2.10.18/kosli_attest_jira.md

@@ -135,6 +135,7 @@ kosli attest jira \
 	--name yourTemplateArtifactName.yourAttestationName \
 	--flow yourFlowName \
 	--trail yourTrailName \
+	--commit yourArtifactGitCommit \
 	--jira-base-url https://kosli.atlassian.net \
 	--jira-username [email protected] \
 	--jira-api-token yourJiraAPIToken \
@@ -153,7 +154,7 @@ kosli attest jira \
 	--jira-base-url https://kosli.atlassian.net \
 	--jira-username [email protected] \
 	--jira-api-token yourJiraAPIToken \
-	--attachments=yourAttachmentPathName \
+	--attachments yourAttachmentPathName \
 	--api-token yourAPIToken \
 	--org yourOrgName
 

docs.kosli.com/content/legacy_ref/v2.10.13/kosli_attest_junit.md → docs.kosli.com/content/legacy_ref/v2.10.18/kosli_attest_junit.md

@@ -123,6 +123,7 @@ kosli attest junit \
 	--name yourTemplateArtifactName.yourAttestationName \
 	--flow yourFlowName \
 	--trail yourTrailName \
+	--commit yourArtifactGitCommit \
 	--results-dir yourFolderWithJUnitResults \
 	--api-token yourAPIToken \
 	--org yourOrgName
@@ -137,7 +138,7 @@ kosli attest junit \
 	--flow yourFlowName \
 	--trail yourTrailName \
 	--results-dir yourFolderWithJUnitResults \
-	--attachments=yourAttachmentPathName \
+	--attachments yourAttachmentPathName \
 	--api-token yourAPIToken \
 	--org yourOrgName
 ```

docs.kosli.com/content/legacy_ref/v2.10.13/kosli_attest_snyk.md → docs.kosli.com/content/legacy_ref/v2.10.18/kosli_attest_snyk.md

@@ -131,6 +131,7 @@ kosli attest snyk \
 	--name yourTemplateArtifactName.yourAttestationName \
 	--flow yourFlowName \
 	--trail yourTrailName \
+	--commit yourArtifactGitCommit \
 	--scan-results yourSnykSARIFScanResults \
 	--api-token yourAPIToken \
 	--org yourOrgName
@@ -145,7 +146,7 @@ kosli attest snyk \
 	--flow yourFlowName \
 	--trail yourTrailName \
 	--scan-results yourSnykSARIFScanResults \
-	--attachments=yourEvidencePathName \
+	--attachments yourEvidencePathName \
 	--api-token yourAPIToken \
 	--org yourOrgName