...

If you prefer not to be limited by the above, we recommend using our dedicated GitHub / Bitbucket / GitLab integrations, which are built around Data Theorem’s Cloud infrastructure and provide the most polished developer experience (see onboarding instructions at DevSecOps > SAST Code Analysis).

Requirements

  • The machine running the scanner must have Docker installed

  • The machine running the scanner must have internet access

  • We recommend a baseline of 8GB RAM / 4 CPUs to run the scans. Scan time is proportional to the size of the code base, so the specs that fit your needs may vary.

Step 1: Generate a SAST Security Results API Key

...

  • set DT_SAST_FAIL_MODE=true to make the process return a non-zero status when issues are found. This can be used to make Data Theorem SAST a blocking step of your workflow.

  • set DT_SAST_NO_FORWARD_MODE=true if you want to skip forwarding scan results/metadata to Data Theorem. Note that this means no scan results will be visible from the Data Theorem Portal.

Local Scanning

...

example

The Data Theorem on-prem scanner can run from your local machine.

...