このページは日本語には対応しておりません。随時翻訳に取り組んでいます。翻訳に関してご質問やご意見ございましたら、お気軽にご連絡ください。
Join the Preview!

Code Analysis is in Preview.

Code Analysis is not available for the site.

Overview

If you don’t use GitHub Actions, you can run the Datadog CLI directly in your CI pipeline platform.

Prerequisites:

  • unzip
  • Node.js 14 or later

Configure the following environment variables:

NameDescriptionRequiredDefault
DD_API_KEYYour Datadog API key. This key is created by your Datadog organization and should be stored as a secret.Yes
DD_APP_KEYYour Datadog application key. This key, created by your Datadog organization, should include the code_analysis_read scope and be stored as a secret.Yes
DD_SITEThe Datadog site to send information to. Your Datadog site is .Nodatadoghq.com

Provide the following inputs:

NameDescriptionRequiredDefault
serviceThe name of the service to tag the results with.Yes
envThe environment to tag the results with. ci is a helpful value for this input.Nonone
subdirectoryThe subdirectory path the analysis should be limited to. The path is relative to the root directory of the repository.No
# Set the Datadog site to send information to
export DD_SITE=""

# Install dependencies
npm install -g @datadog/datadog-ci

# Download the latest Datadog OSV Scanner:
# https://github.com/DataDog/osv-scanner/releases
DATADOG_OSV_SCANNER_URL=https://github.com/DataDog/osv-scanner/releases/latest/download/osv-scanner_linux_amd64.zip

# Install OSV Scanner
mkdir /osv-scanner
curl -L -o /osv-scanner/osv-scanner.zip $DATADOG_OSV_SCANNER_URL
unzip /osv-scanner/osv-scanner.zip -d /osv-scanner
chmod 755 /osv-scanner/osv-scanner

# Run OSV Scanner and scan your dependencies
/osv-scanner/osv-scanner --skip-git -r --experimental-only-packages --format=cyclonedx-1-5 --paths-relative-to-scan-dir  --output=/tmp/sbom.json /path/to/repository

# Upload results to Datadog
datadog-ci sbom upload /tmp/sbom.json

Further Reading

お役に立つドキュメント、リンクや記事: