Skip to content

Scanning JavaScript/TypeScript NodeJS projects with an Agent in Docker

Note

This document assumes that CodeLogic is running at https://codelogic.com. If you have a production installation of CodeLogic, substitute its address in for codelogic.com

Fetch the latest agent image from an instance of CodeLogic, e.g. 

docker pull codelogic.com/codelogic_javascript

Run the image, mounting the root of the project you wish to scan in a volume, e.g. 

docker run \
    --rm \
    --interactive \
    --tty \
    --env CODELOGIC_HOST="https://codelogic.com" \
    --volume '/absolute/path/to/the/project:/scan' \
    'codelogic.com/codelogic_javascript' \
    analyze \
        --path /scan \
        --application my-project-name
By default a new agent will be created in CodeLogic each time you run a scan. To avoid this, you can provide the container with credentials using the AGENT_UUID and AGENT_PASSWORD environment variables.
For example, the command above could be re-written to include credentials from the local shell environment: 
# Assuming that `AGENT_UUID` and `AGENT_PASSWORD` have
# been exported and are available in the shell environment

docker run \
    --rm \
    --interactive \
    --tty \
    --env CODELOGIC_HOST="https://codelogic.com" \
    --env AGENT_UUID="${AGENT_UUID}" \
    --env AGENT_PASSWORD="${AGENT_PASSWORD}" \
    --volume '/absolute/path/to/the/project:/scan' \
    'codelogic.com/codelogic_javascript' \
    analyze \
        --path /scan \
        --application my-project-name

For a list of available commands and options, you can run 

docker run \
    --rm \
    --interactive \
    --tty \
    'codelogic.com/codelogic_javascript' --help