example "one liner" to run roxctl in openshift

ocroxctl

#!/bin/bash

ROXCTL_IMAGE="registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8:3.71"

# Central CA cert:
#   oc extract secrets/service-ca -n stackrox --keys=ca.pem --to=-

# read values from 1Password YMMV
CLUSTER="hub-lab-bewley-net"
VAULT="development"
ROX_CENTRAL_ENDPOINT="$(op read op://$VAULT/$CLUSTER/acs/endpoint)"
ROX_API_TOKEN="$(op read op://$VAULT/$CLUSTER/acs/token)"
ROX_CA_CERT="$(op read op://$VAULT/$CLUSTER/acs/ca)"

# set defaults for missing values
ROX_CENTRAL_ENDPOINT="${ROX_CENTRAL_ENDPOINT:-central.stackrox.svc:443}"
ROX_API_TOKEN="${ROX_API_TOKEN:-missing api token}"

cat <<"EOHELP"
Example invocation:
    roxctl image check \
        -e $ROX_CENTRAL_ENDPOINT \
        -o json \
        --insecure-skip-tls-verify \
        --image image-registry.openshift-image-registry.svc:5000/namespace/image:latest
EOHELP

oc run roxctl \
    --rm -i --tty \
    --image $ROXCTL_IMAGE \
    --labels="app=roxctl" \
    --env ROX_API_TOKEN="$ROX_API_TOKEN" \
    --env ROX_CA_CERT="$ROX_CA_CERT" \
    --env ROX_CENTRAL_ENDPOINT="$ROX_CENTRAL_ENDPOINT" \
    --command -- /bin/bash