Skip to content

Installation on Docker

Jump to bottom
Nathan Leach edited this page Aug 2, 2021 · 2 revisions

CxAnalytix Docker Image

CxAnalytix is published as a docker image on Checkmarx TS Packages. You can reference the image using ghcr.io/checkmarx-ts/cxanalytix/cxanalytix:<tag> where tag can be:

  • latest to get the latest release
  • vx.x.x to get a specific release version
  • prx.x.x to get a specific pre-release version

No Configuration Operation

It is possible to run the CxAnalytixDaemon using the default configuration by providing environment variables for specific configuration options.

Environment Variable Default Description
CHECKMARX_URL None The URL to the SAST server.
CHECKMARX_MNO_URL None The URL to the M&O server, if available.
CHECKMARX_USERNAME None The username of the account that will log into CxSAST.
CHECKMARX_PASSWORD None The password for the user account logging into CxSAST.
CHECKMARX_STATE_PATH /var/cxanalytix The path where state files will be stored.

Custom Configuration

The default configuration will be unlikely to be sufficient for most needs. There are a few options for customizing the Docker image configuration.

Extending the CxAnalytix Docker Image

The base docker image can be customized using FROM ghcr.io/checkmarx-ts/cxanalytix/cxanalytix:<tag> and copying the CxAnalytixDaemon.log4net and dotnet.config files to /etc/cxanalytix. You can refer to the Dockerfile to re-use the ENTRYPOINT or provide your own entry point.

The state file storage location can be configured in the custom configuration files to persist the state files across container invocations.

Mapping Custom Volumes

Custom volume mounts can be mapped to various locations when running the CxAnalytix Docker image.

Location Description
/etc/cxanalytix Place the CxAnalytixDaemon.log4net and dotnet.config customized configuration files here. The daemon will run and use these files to configure the runtime.
/var/cxanalytix This is where the state files are written as scans are crawled.
/var/logs/cxanalytix If configured to output to log files, this is where the log files are written by default.

Default State Storage

By default, the state storage is in /var/cxanalytix. The state storage files will be lost after the Docker image exits unless a volume is mapped to /var/cxanalytix. A custom configuration can be used to change the location of the state storage, or a volume can be mapped to /var/cxanalytix to allow the state storage files to be persisted across container executions.

Copyright (c) 2020-2022 Checkmarx, All Rights Reserved

The contents of this Wiki only apply to CxAnalytix versions prior to 2.0.0. New releases include a PDF manual with complete documentation appropriate for each release version. This Wiki is no longer being maintained as of version 2.0.0.

Home

Data Analysis FAQ

Data Field Specification

Deployment Guide

Pseudo Transactions

Installing

Configuring

Troubleshooting

Developers

Platform Integrations

Clone this wiki locally