Additional Commands for Code Scan Agent Configuration

Option Argument / Value Description
--version None Displays the Code Scan Agent version
--license None Displays the Code Scan Agent license information
--config CONFIG_FILE_PATH Specifies the location of the config file to be used for the scan
--secret-key KEY_FILE_PATH Specifies the path to the secret key file to be used for decrypting an encrypted config file
--create-config None Creates a config file at the specified location

If a location is not specified, by default, the config is created in the current directory.
--update-config CONFIG_FILE_PATH Allows you to interactively update the config file

The --key parameter must be used along with the --update-config parameter to specify the location of the config file.
--view-config CONFIG_FILE_PATH Allows you to view the decrypted contents of the config file, saved at the specified location

The --key parameter must be used along with the --update-config parameter to specify the location of the config file.
--rotate-key NEW_KEY_FILE_PATH (optional) Rotates the secret key for the configuration file

Optionally, you can specify a new key file path. To do this, use the --config and --key parameters, along with the --rotate-key parameter, to specify the config file and the old key location.

--input-folder INPUT_FOLDER_PATH Specifies the input directory containing the source code to be scanned
--output-folder OUTPUT_FOLDER_PATH Specifies the output directory where the scan results will be stored
--log-dir LOG_FOLDER_PATH Specifies the directory path to store log files generated during execution
--log-level DEBUG, INFO, WARNING, ERROR, CRITICAL Sets the verbosity level of logging, letting you control how much information the application logs and/or displays

A lower verbosity level shows only critical errors, while higher levels include warnings, informational messages, and detailed debugging output. This helps users or developers adjust the amount of detail they see based on their troubleshooting or monitoring needs.

Default log level: INFO
--log-retain NO_OF_LOGS Specifies the count of logs to be maintained in the log folder

Default value: 20
--update-service-account None Updates the service account credentials stored in the config file

To do this, use the --config and --key parameters, along with the --update-service-account parameter to specify the config file and the key file location.

Additional Instructions

  • To view the configuration file, execute the following command:
    ./code-scan-agent --view-config /path/to/config.ini --key /path/to/secret.key
    Here
    • /path/to/config.ini: path to the configuration file
    • /path/to/secret.key: path to the secret key to decrypt the configuration file
  • To modify the existing configuration file, execute the following command
    ./code-scan-agent --update-config /path/to/config.ini --key /path/to/secret.key
    Here:
    • /path/to/config.ini: path to the configuration file
    • /path/to/secret.key: path to the secret key to decrypt the configuration file
    The existing configuration file will be displayed. For each configuration prompt, the existing response will be displayed. To update the response to a configuration prompt, type in your new response or press Enter to retain the existing value.