Skip to content

CLI Reference

Both sentra and guard are available as CLI commands — they are identical aliases.

Core commands

Command Description
sentra init Create .sentra/config.yaml (interactive wizard or --no-interactive)
sentra scan Run a scan and write findings/reports to out/ (works without config)
sentra gate Run scan and enforce quality gate (exit 0 pass / exit 1 fail)
sentra context Generate agent_context.json for AI agents
sentra validate-config Validate configuration
sentra migrate Migrate .guard.yaml to .sentra/config.yaml
sentra guide Interactive command guide with workflow examples

Governance commands

Command Description
sentra reconcile Sync findings with DevOps work items (create/update/close)
sentra sync Sync work item states to DevOps provider
sentra apply-patches Apply auto-generated patches from last scan
sentra generate-reqs Auto-generate requirements from untracked code

Standards pack commands

Command Description
sentra list-packs List available standards packs
sentra add-pack <id> Enable a standards pack
sentra remove-pack <id> Disable a standards pack
sentra import-pack <file> Import a pack from YAML
sentra export-pack <id> Export a pack to YAML

Admin commands

Command Description
sentra serve Start the REST API server + dashboard
sentra list-rules List all configured rules
sentra report Generate a report from existing findings
sentra compare Compare current findings to a previous run
sentra license Show license status and features
sentra trial Generate a 30-day enterprise trial key
sentra set-tier Generate a license key for a specific tier
sentra install-check Verify installation and dependencies
sentra test-connection Test DevOps provider connectivity

sentrik set-tier

Generate a license key for a specific tier (for testing and development).

sentrik set-tier enterprise              # Enterprise key, valid 365 days
sentrik set-tier team --days 90          # Team key, valid 90 days
sentrik set-tier org                     # Organization key, valid 365 days
sentrik set-tier trial                   # Trial key, valid 365 days
Option Default Description
--days 365 Key validity in days

Valid tiers: trial, team, org, enterprise

Pre-commit commands

Command Description
sentra pre-commit-scan Scan staged files with recovery hints
sentra fix-hook Auto-fix findings from last pre-commit scan

Approval commands (Enterprise)

Command Description
sentra approve <id> Approve a pending approval request
sentra approval-status <id> Check status of an approval request

Common options

Option Description
--config, -c PATH Use a specific config file
--staged Scope to git-staged files only
--git-range RANGE Scope to a git range (e.g., origin/main...HEAD)
--diff TEXT Scope to files from a diff string
--branch TEXT Set branch for work item traceability
--dry-run Preview without side effects

--staged, --git-range, and --diff are mutually exclusive.

Scan command options

sentra scan [OPTIONS]
Option Description
--config, -c PATH Config file path
--staged Scan only git-staged files
--git-range RANGE Scan files in git range
--diff TEXT Scan files from diff
--branch TEXT Branch name for traceability

Gate command options

sentra gate [OPTIONS]
Option Description
--config, -c PATH Config file path
--staged Gate only staged files
--git-range RANGE Gate files in git range
--decorate-pr Post findings as PR comments
--status-check Report status via GitHub Checks / Azure commit status
--commit-sha TEXT Commit SHA for status reporting
--require-approval Create approval request on gate failure (Enterprise)
--approval-timeout INT Approval timeout in seconds

Serve command options

sentra serve [OPTIONS]
Option Description
--host TEXT Host to bind to (default: 0.0.0.0)
--port INT Port number (default: 8000)
--reload Enable auto-reload for development

Reconcile command options

sentra reconcile [OPTIONS]
Option Description
--config, -c PATH Config file path
--staged Scope to staged files
--dry-run Preview actions without executing
--work-items PATH Override work items file path