https://complytime.dev/docs/projects/complyctl/Recent content in Complyctl on ComplyTimeHugoen-USCopyright (c) 2024-2025 ComplyTimeMon, 13 Apr 2026 01:10:00 +0000https://complytime.dev/docs/projects/complyctl/overview/Mon, 13 Apr 2026 01:10:00 +0000https://complytime.dev/docs/projects/complyctl/overview/<p>A lightweight compliance runtime that pulls <a href="https://gemara.openssf.org/">Gemara</a> policies from an OCI registry and executes scans via plugins.</p> <h3 id="architecture">Architecture<a class="anchor" href="#architecture" aria-label="Anchor">#</a> </h3> <div class="expressive-code"> <figure class="frame not-content"> <figcaption class="header"> <span class="title"></span> </figcaption> <pre tabindex="0"><code>┌──────────────────────────────────────────────────────────────────┐ │ Host │ │ │ │ ┌──────────────┐ complyctl get ┌───────────────────────┐ │ │ │ OCI Registry │ ◄────────────────── │ │ │ │ │ │ ───────────────────►│ complyctl CLI │ │ │ │ Gemara │ catalog + policy │ │ │ │ │ policies │ layers (YAML) │ init / get / list │ │ │ └──────────────┘ │ generate / scan │ │ │ │ doctor / providers │ │ │ │ version │ │ │ └─────┬────────┬────────┘ │ │ │ │ │ │ ┌────────────┘ │ │ │ │ │ │ │ ▼ ▼ │ │ ┌──────────────┐ ┌────────────────┐ │ │ │ Cache │ │ Providers │ │ │ │ │ │ │ │ │ │ ~/.complytime│ │ ~/.complytime/ │ │ │ │ /policies/ │ │ providers/ │ │ │ │ state.json │ │ │ │ │ │ │ │ complyctl- │ │ │ │ OCI Layout │ │ provider-* │ │ │ │ per policy │ │ │ │ │ └──────────────┘ │ gRPC: Describe │ │ │ │ Generate, Scan │ │ │ ┌──────────────┐ └────────────────┘ │ │ │ Workspace │ │ │ │ │ complytime.yaml defines: │ │ │ ./complytime │ - registry URL │ │ │ .yaml │ - policy IDs + versions │ │ │ │ - targets + variables │ │ │ ./.comply- │ │ │ │ time/scan/ │ │ │ │ (output) │ Scan output (EvaluationLog, OSCAL, │ │ └──────────────┘ SARIF, Markdown) written to workspace │ └──────────────────────────────────────────────────────────────────┘</code></pre> </figure> </div> <p><strong>Components:</strong></p>https://complytime.dev/docs/projects/complyctl/contributing/Mon, 13 Apr 2026 01:10:00 +0000https://complytime.dev/docs/projects/complyctl/contributing/<!-- synced from complytime/complyctl/docs/CONTRIBUTING.md@main (0ab7fbe66431) --> <p>Thank you for your interest in contributing to complyctl! We welcome contributions from the community.</p>https://complytime.dev/docs/projects/complyctl/installation/Mon, 13 Apr 2026 01:10:00 +0000https://complytime.dev/docs/projects/complyctl/installation/<!-- synced from complytime/complyctl/docs/INSTALLATION.md@main (3bd616905897) --> <h3 id="binary">Binary<a class="anchor" href="#binary" aria-label="Anchor">#</a> </h3> <p>The latest binary release can be downloaded from <a href="https://github.com/complytime/complyctl/releases/latest">https://github.com/complytime/complyctl/releases/latest</a>.</p> <p>Verify the release signature:</p>https://complytime.dev/docs/projects/complyctl/plugin-guide/Mon, 13 Apr 2026 01:10:00 +0000https://complytime.dev/docs/projects/complyctl/plugin-guide/<!-- synced from complytime/complyctl/docs/PLUGIN_GUIDE.md@main (a1e7a8b83329) --> <p>complyctl extends to arbitrary policy engines through plugins. Each plugin is a standalone executable that communicates with the CLI via gRPC using the <a href="https://github.com/hashicorp/go-plugin">hashicorp/go-plugin</a> framework.</p>https://complytime.dev/docs/projects/complyctl/quick-start/Mon, 13 Apr 2026 01:10:00 +0000https://complytime.dev/docs/projects/complyctl/quick-start/<!-- synced from complytime/complyctl/docs/QUICK_START.md@main (f04fa6893919) --> <h3 id="step-1-install-complyctl">Step 1: Install Complyctl<a class="anchor" href="#step-1-install-complyctl" aria-label="Anchor">#</a> </h3> <p>See <a href="https://github.com/complytime/complyctl/blob/main/docs/INSTALLATION.md">INSTALLATION.md</a>.</p> <h3 id="step-2-install-a-plugin">Step 2: Install A Plugin<a class="anchor" href="#step-2-install-a-plugin" aria-label="Anchor">#</a> </h3> <p>Scanning providers are standalone executables placed in <code>~/.complytime/providers/</code>. The filename determines the evaluator ID.</p>https://complytime.dev/docs/projects/complyctl/release-process/Mon, 13 Apr 2026 01:10:00 +0000https://complytime.dev/docs/projects/complyctl/release-process/<!-- synced from complytime/complyctl/docs/RELEASE_PROCESS.md@main (9d2fd8b967c4) --> <p>The release process values simplicity and automation in order to provide better predictability and low cost for maintainers.</p>https://complytime.dev/docs/projects/complyctl/style-guide/Mon, 13 Apr 2026 01:10:00 +0000https://complytime.dev/docs/projects/complyctl/style-guide/<!-- synced from complytime/complyctl/docs/STYLE_GUIDE.md@main (76d51bac5914) --> <p>This style guide outlines the best practices to ensure consistency and readability across the codebase.</p>https://complytime.dev/docs/projects/complyctl/testing-farm/Mon, 13 Apr 2026 01:10:00 +0000https://complytime.dev/docs/projects/complyctl/testing-farm/<!-- synced from complytime/complyctl/docs/TESTING_FARM.md@main (af94ab2a0418) --> <p><a href="https://packit.dev/docs/configuration/upstream/tests">Testing Farm</a> is Packit&rsquo;s testing system. Test execution is managed by tmt tool.</p> <p>The entry of the testing farm tests is located at <a href="https://github.com/complytime/complyctl/blob/main/docs/../.packit.yaml">.packit.yaml</a>, in the job named <code>tests</code>.</p>