Skip to content

Commit b3a8aa5

Browse files
nolliv22nolliv22
committed
docs: add section about Docker deployment
1 parent df17e70 commit b3a8aa5

File tree

1 file changed

+53
-22
lines changed

1 file changed

+53
-22
lines changed

README.md

Lines changed: 53 additions & 22 deletions
Original file line numberDiff line numberDiff line change
@@ -14,6 +14,7 @@ A framework for code security that provides abstractions for static analysis too
1414
- [SAST Tool Integration Status](#sast-tool-integration-status)
1515
- [Usage](#usage)
1616
- [Command-line interface](#command-line-interface)
17+
- [Docker](#docker)
1718
- [Python API](#python-api)
1819

1920
<!--start-include-->
@@ -59,28 +60,58 @@ For more details on the design and integration of SAST tools and datasets in Cod
5960

6061
```bash
6162
$ cstools
62-
63-
Usage: cstools [OPTIONS] COMMAND [ARGS]...
64-
65-
CodeSecTools: A framework for code security that provides abstractions for static analysis tools and datasets to support their integration,
66-
testing, and evaluation.
67-
68-
╭─ Options ───────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────╮
69-
│ --debug -d Show debugging messages and disable pretty exceptions. │
70-
│ --version -v Show the tool's version. │
71-
│ --install-completion Install completion for the current shell. │
72-
│ --show-completion Show completion for the current shell, to copy it or customize the installation. │
73-
│ --help Show this message and exit. │
74-
╰─────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────╯
75-
╭─ Commands ──────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────╮
76-
│ status Display the availability of SAST tools and datasets. │
77-
│ allsast Run all available SAST tools together. │
78-
│ bearer Bearer SAST │
79-
│ coverity Coverity Static Analysis │
80-
│ semgrepce Semgrep Community Edition Engine │
81-
│ snykcode Snyk Code │
82-
│ spotbugs SpotBugs │
83-
╰─────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────╯
63+
64+
Usage: cstools [OPTIONS] COMMAND [ARGS]...
65+
66+
CodeSecTools CLI.
67+
68+
╭─ Options ───────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────╮
69+
│ --debug -d Show debugging messages and disable pretty exceptions. │
70+
│ --version -v Show the tool's version. │
71+
│ --install-completion Install completion for the current shell. │
72+
│ --show-completion Show completion for the current shell, to copy it or customize the installation. │
73+
╰─────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────╯
74+
╭─ Commands ──────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────╮
75+
│ status Display the availability of SAST tools and datasets. │
76+
│ allsast Run all available SAST tools together. │
77+
│ bearer Bearer SAST │
78+
│ coverity Coverity Static Analysis │
79+
│ cppcheck Cppcheck │
80+
│ semgrepce Semgrep Community Edition Engine │
81+
│ snykcode Snyk Code │
82+
│ spotbugs SpotBugs │
83+
╰─────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────╯
84+
```
85+
86+
#### Docker
87+
88+
A Docker image is available with only free and offline SAST tools pre-installed.
89+
90+
```bash
91+
UID=$(id -u) GID=$(id -g) docker compose build main
92+
docker run -it -v $HOME/.codesectools:/home/codesectools/.codesectools codesectools /bin/bash
93+
```
94+
95+
Mount necessary directories if you want to include:
96+
97+
- a target (`-v ./myproject:/home/codesectools/myproject`)
98+
- existing CodeSecTools data (`-v $HOME/.codesectools:/home/codesectools/.codesectools`)
99+
100+
A better way is to use the CLI:
101+
102+
```bash
103+
$ cstools -d docker --help
104+
105+
Usage: cstools docker [OPTIONS]
106+
107+
Start the Docker environment for the specified target (current directory by default).
108+
109+
╭─ Options ───────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────╮
110+
│ --target PATH The directory to mount inside the container. [default: .] │
111+
│ --isolation --no-isolation Enable network isolation for the container (disables host network sharing). [default: no-isolation] │
112+
│ --help Show this message and exit. │
113+
╰─────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────╯
114+
84115
```
85116
86117
#### Python API

0 commit comments

Comments
 (0)