Metadata-Version: 2.4
Name: utem
Version: 0.1.0
Summary: UTEM CLI — control plane for UTEM Code Security (Wiz CLI parity)
Author-email: Innavoto Technologies <engineering@innavoto.com>
License: Proprietary
Keywords: utem,security,code,sast,sca,cli
Requires-Python: >=3.10
Description-Content-Type: text/markdown
Requires-Dist: click==8.1.7
Requires-Dist: httpx==0.27.2
Requires-Dist: rich==13.9.4
Provides-Extra: dev
Requires-Dist: pytest==8.3.3; extra == "dev"
Requires-Dist: respx==0.21.1; extra == "dev"

# utem-cli

Control-plane CLI for the UTEM platform. Wiz-parity for the
`utem code` lane (`wiz iac scan` / `wiz docker scan` analogue).

## Install

```bash
pip install -e .[dev]
```

## Auth

The CLI reads three values from environment variables (or `~/.utem/config.toml`):

| Variable          | Default                          | Required |
|-------------------|----------------------------------|----------|
| `UTEM_API_URL`    | `https://utem.innavoto.com`      | no       |
| `UTEM_TOKEN`      | -                                | yes      |
| `UTEM_TENANT_ID`  | -                                | yes      |

`~/.utem/config.toml` example:

```toml
[utem]
api_url = "https://utem.innavoto.com"
token = "eyJhbGciOi..."
tenant_id = "00000000-0000-0000-0000-000000000000"
```

## Examples

```bash
# 1. List repos visible to your tenant.
utem code repos --owner-type org

# 2. Trigger a scan and wait for it to finish.
utem code scan Innavoto/utem-code --wait

# 3. List the most recent critical secret findings as JSON.
utem code findings --severity critical --type secret --output json
```

## Exit codes (scan)

| Code | Meaning                              |
|------|--------------------------------------|
| 0    | Scan succeeded (or queued, no `--wait`) |
| 1    | Scan reached terminal `failed` state |
| 2    | `--wait` polling timed out           |
| 3    | API or transport error               |

## Test

```bash
pytest tests/
```
