Scanning with the CodeLogic Java Agent (Docker)
The CodeLogicJava Agent for Docker provides an easy way to integrate CodeLogic scanning into your build process.
- Generate the Docker Image
- Run the Docker Image
- View Scan Results
- Using the Docker agent with Jenkins
Generate the Docker Command
-
Click Store from the left hand menu.
-
Locate the Java Agent Docker Image tile and click Generate.
- Enter your CodeLogic Server IP address or hostname.
- Enter the directory path to be scanned in the field provided.
- Click Next.
- Copy your code snippet from the Success! window.
Run the Docker Image
Tip
You can copy and paste the code snippet directly into your Jenkins file.
Only analyze an application
analyze -a yourApp -t ARCHIVE -p /locationToYourApp/app.jar
analyze an application with a relational database
analyze -a yourApp -d jdbc:postgresql://localhost:5432/sampledb -t ARCHIVE -p /locationToYourApp/app.jar
For more information, see Binary Scanning via Command Line (Java).
View Scan Results
- Select the Search tab.
- Expand the application to view items and their dependencies.
CI/CD Scanning
Using the Docker agent with Jenkins
The CodeLogic Java Agent for Docker can be used to scan artifacts in Jenkins pipelines.
Example:
stage('CodeLogic Scan') {
when {
expression { BRANCH_NAME ==~ /(integration|v.*|feature\/.*)/ }
}
steps {
catchError(buildResult: 'SUCCESS', stageResult: 'FAILURE') {
// Publish CodeLogic Scan
sh('''
docker run --pull always --rm --interactive \
--env CODELOGIC_HOST="https://yourinstance.app.codelogic.com" \
--env "AGENT_UUID=${AGENT_UUID}" \
--env "AGENT_PASSWORD=${AGENT_PASSWORD}" \
--env "SCAN_SPACE_NAME=${SCAN_SPACE_NAME}" \
--volume ${PWD}:/scan \
yourinstance.app.codelogic.com/codelogic_java:latest analyze \
--application "Your Application" \
--path /scan \
--scan-space-name "Development" \
--method-filter com.example. \
--recursive com.example \
--expunge-scan-sessions
''')
}
}
}