Skip to content

Scanning JavaScript/TypeScript with an Agent in Docker

Note

This document assumes that CodeLogic is running on your local machine. If you have a production installation of CodeLogic, substitute its address in for localhost

Fetch the latest agent image from an instance of CodeLogic, e.g. 

docker pull localhost:5000/codelogic_javascript

Run the image, mounting the root of the project you wish to scan in a volume, e.g. 

docker run \
    --rm \
    --interactive \
    --tty \
    --env CODELOGIC_HOST='http://localhost' \
    --volume '/absolute/path/to/the/project:/scan' \
    'localhost:5000/codelogic_javascript' \
    analyze \
        --path /scan \
        --application my-project-name
        --host example.com
By default a new agent will be created in CodeLogic each time you run a scan. To avoid this, you can provide the container with credentials using the AGENT_UUID and AGENT_PASSWORD environment variables.
For example, the command above could be re-written to include credentials from the local shell environment: 
# Assuming that `AGENT_UUID` and `AGENT_PASSWORD` have
# been exported and are available in the shell environment

docker run \
    --rm \
    --interactive \
    --tty \
    --env CODELOGIC_HOST='http://localhost' \
    --env AGENT_UUID="${AGENT_UUID}" \
    --env AGENT_PASSWORD="${AGENT_PASSWORD}" \
    --volume '/absolute/path/to/the/project:/scan' \
    'localhost:5000/codelogic_javascript' \
    analyze \
        --path /scan \
        --application my-project-name \
        --host example.com

For a list of available commands and options, you can run 

docker run \
    --rm \
    --interactive \
    --tty \
    'localhost:5000/codelogic_javascript' --help