ShiftLeftSecurity / sast-scan

Scan is a free & Open Source DevSecOps tool for performing static analysis based security testing of your applications and their dependencies. CI and Git friendly.

Home Page: https://discord.gg/DCNxzaeUpd


Docker run doesn't recognize the token

0GiS0 opened this issue

Hi all!

I'm trying to scan a .NET project but sast-scanner requires the token for that. If I choose sl it works perfectly:

export SHIFTLEFT_ACCESS_TOKEN=$SL_TOKEN
sl analyze --app shiftleft-csharp-demo --csharp --wait netcoreWebapi.csproj

But if I try to use the container, it seems it doesn't receive the token in the env that it expects:

docker run --rm -e "WORKSPACE=${PWD}" -e SHIFTLEFT_ACCESS_TOKEN="$SL_TOKEN" -v $PWD:/app shiftleft/scan scan --src /app --out_dir /app/reports


Any thoughts?

Thank you so much!!

Try also setting the SHIFTLEFT_ORG_ID environment variable to your organization ID, then it should proceed further.

Are you interested in the specific output of this tool? sl is generally better supported.
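
A preflight for the container invocation discussed in this thread, as an added example that is not part of the original issue or the project's own code. It assumes the two variable names mentioned above (SHIFTLEFT_ACCESS_TOKEN and SHIFTLEFT_ORG_ID); the function names are hypothetical, and passing the variables by name with `-e NAME` is a change from the command in the issue that keeps the token out of the docker command line.

```shell
#!/bin/sh
# Added example: check the environment before starting the scan container.
# check_scan_env and run_scan are hypothetical helper names.

# Succeeds only if both variables are exported and non-empty.
# The body runs in a subshell so its loop variables do not leak.
check_scan_env() (
  status=0
  for name in SHIFTLEFT_ACCESS_TOKEN SHIFTLEFT_ORG_ID; do
    # printenv is an external process, so it sees exactly what
    # `docker run -e NAME` would inherit: exported variables only.
    if ! value=$(printenv "$name") || [ -z "$value" ]; then
      echo "not exported or empty: $name" >&2
      status=1
    fi
  done
  exit "$status"
)

# Runs the scan from the issue, forwarding both variables by name.
run_scan() {
  check_scan_env || return 1
  # -e NAME (no =value) copies the value from this shell's environment,
  # so the token is not visible in the process arguments.
  docker run --rm -e "WORKSPACE=${PWD}" \
    -e SHIFTLEFT_ACCESS_TOKEN -e SHIFTLEFT_ORG_ID \
    -v "${PWD}:/app" shiftleft/scan scan --src /app --out_dir /app/reports
}

# Usage, after sourcing this file:
#   export SHIFTLEFT_ACCESS_TOKEN SHIFTLEFT_ORG_ID
#   run_scan
```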