docker pull fluidattacks/sast:latest
docker run --rm -v /dir/to/scan:/my-dir fluidattacks/sast:latest sast scan /my-dir
dir/to/scan
with the actual path to your project directory.docker run --rm -v .:/my-dir fluidattacks/sca:latest sca scan /my-dir
To run a scanner using a configuration file, bind the configuration file to the Docker command as follows, replacing /dir/to/scan
and /path/to/config.yaml
with the appropriate paths for your scan directory and configuration file:
docker run --rm -v /dir/to/scan:/my-dir -v /path/to/config.yaml:/config.yaml fluidattacks/sast:latest sast scan /config.yaml
docker run --rm -v /dir/to/scan:/my-dir fluidattacks/sast:latest sast scan /my-dir/config.yaml