Scanning JavaScript/TypeScript with an Agent in Docker
Note
This document assumes that CodeLogic is running on your local machine. If you have a production installation of CodeLogic, substitute its address in for localhost
Fetch the latest agent image from an instance of CodeLogic, e.g.
docker pull localhost:5000/codelogic_javascript
Run the image, mounting the root of the project you wish to scan in a volume, e.g.
docker run \
--rm \
--interactive \
--tty \
--env CODELOGIC_HOST='http://localhost' \
--volume '/absolute/path/to/the/project:/scan' \
'localhost:5000/codelogic_javascript' \
analyze \
--path /scan \
--application my-project-name
--host example.com
AGENT_UUID
and AGENT_PASSWORD
environment variables.For example, the command above could be re-written to include credentials from the local shell environment:
# Assuming that `AGENT_UUID` and `AGENT_PASSWORD` have
# been exported and are available in the shell environment
docker run \
--rm \
--interactive \
--tty \
--env CODELOGIC_HOST='http://localhost' \
--env AGENT_UUID="${AGENT_UUID}" \
--env AGENT_PASSWORD="${AGENT_PASSWORD}" \
--volume '/absolute/path/to/the/project:/scan' \
'localhost:5000/codelogic_javascript' \
analyze \
--path /scan \
--application my-project-name \
--host example.com
For a list of available commands and options, you can run
docker run \
--rm \
--interactive \
--tty \
'localhost:5000/codelogic_javascript' --help