
Code Analysis Workflows


There are four possible workflows for using the Noxtara code analysis feature.

1. GUI-based

You can upload your code manually through the team dashboard.

  1. Select your team > Security Tools > Code Analysis.
  2. Package your source code into a .zip file.
  3. Create a new scanning entry by uploading the zip file through the file upload panel. Provide a unique name for the entry.
  4. After you submit the form, the scan runs automatically and the result is generated shortly afterwards.
  5. If there is an updated version of your code, you have to package and upload it manually through the dashboard to re-trigger the scanning process.

2. GitHub App Integration

If you don't want to manually upload the code updates to trigger the scanning, you can integrate Noxtara Code Security with your repository on GitHub.

  1. Select your team > Security Tools > Code Analysis.

  2. Fill in the required information in the GitHub form. You can specify the branch or tag name that will be processed by Noxtara.

  3. After the scanning entry is created, visit Noxtara Code Security on GitHub.

  4. Install it on your desired repository.

  5. From the Noxtara dashboard, copy the ID of the scanning entry you created in the previous step.

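  6. Add a configuration file named noxtara.yaml to your project root directory. This is an example of the configuration:

     ```yaml
     scan:
       code:
         # ID of the scanning entry copied from the Noxtara dashboard
         entryId: THE_ENTRY_ID
         # Directory to scan, relative to the project root
         from: ./
         # Glob patterns for files that are excluded from the scan
         ignore:
           - 'node_modules/**'
           - 'dist/**'
           - '.github/**'
           - 'docs/**'
           - 'graphql/**'
           - 'libs/**'
           - '**/*.test.ts'
           - '**/*.spec.ts'
     ```
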
  7. Push the updates to the branch or tag you specified earlier. The scanning process will be triggered automatically.
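
Every entry in the `ignore` list removes files from scan coverage, so it is worth previewing what the list excludes before pushing. The following is an added example, not part of the Noxtara documentation or tooling; it assumes minimatch-style glob semantics (this page does not document Noxtara's matcher), and `glob_to_regex`, `audit_ignores` and the sample file list are constructed for illustration.

```python
import re

# Ignore globs copied from the noxtara.yaml example above.
IGNORE = ["node_modules/**", "dist/**", ".github/**", "docs/**",
          "graphql/**", "libs/**", "**/*.test.ts", "**/*.spec.ts"]
# Extensions treated as scannable source (constructed list, adjust per project).
SOURCE_EXT = (".ts", ".js", ".py", ".go", ".java")

def glob_to_regex(pattern):
    """Translate a glob to a regex. ASSUMPTION: minimatch/gitignore-style
    semantics ('**' spans directories, '*' stays inside one path segment)."""
    out, i = [], 0
    while i < len(pattern):
        if pattern.startswith("**/", i):
            out.append("(?:.*/)?")   # zero or more leading directories
            i += 3
        elif pattern.startswith("**", i):
            out.append(".*")         # anything, including '/'
            i += 2
        elif pattern[i] == "*":
            out.append("[^/]*")      # anything within one path segment
            i += 1
        else:
            out.append(re.escape(pattern[i]))
            i += 1
    return re.compile("^" + "".join(out) + "$")

def audit_ignores(paths, patterns=IGNORE):
    """Return (scanned, skipped_source): files that reach the scanner, and
    source files that an ignore glob removes from coverage (with the glob)."""
    rules = [(p, glob_to_regex(p)) for p in patterns]
    scanned, skipped_source = [], []
    for path in paths:
        hit = next((p for p, rx in rules if rx.match(path)), None)
        if hit is None:
            scanned.append(path)
        elif path.endswith(SOURCE_EXT):
            skipped_source.append((path, hit))
    return scanned, skipped_source

# Constructed repository listing (for example, the output of `git ls-files`).
SAMPLE = ["src/app.ts", "src/app.test.ts", "libs/auth/token.ts",
          "graphql/resolvers/user.ts", "docs/intro.md"]

if __name__ == "__main__":
    for path, rule in audit_ignores(SAMPLE)[1]:
        print(f"NOT scanned: {path}  (matched {rule!r})")
```

With the sample listing, `libs/auth/token.ts` and `graphql/resolvers/user.ts` are reported as source files that never reach the scanner, which is the kind of exclusion to confirm is intentional.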

3. CI/CD Workflow Integration

You can customize your existing CI/CD workflow to automatically push your code updates to Noxtara. Follow the steps in this guide.

4. CLI-based

You can also download the Noxtara CLI tool to trigger the scanning process from your local machine. The tool scans the code in the local directory you specify. Follow the steps in this guide.