Scan Engine Installation
The Scan Engine installation depends on your operating system and exists in three options:
-
Windows
-
Linux
-
macOS
You can use one of these methods to install the Scan Engine:
-
Download and set up the binary file.
-
Use a Docker Docker (specifically, Docker Engine) is a software technology providing operating-system-level virtualization also known as containers. image that contains the binary file.
Downloading the binary file
-
Download the x64 or 386 standalone binary.
-
(Optional) Save the
shiftleft.exe
file in a directory in your current PATH. -
Launch a new command terminal and verify that ShiftLeft The ShiftLeft tool scans source code, containers and serverless functions, looking for vulnerabilities including those associated with the Log4j tool. This tool alerts the security and DevOps teams if any vulnerabilities are detected in the pre-build phase, ensuring that vulnerable code is not deployed. is properly installed:
C:\Downloads\>shiftleft image-scan --version
The sample output:
0.400.0
-
Download the x64 or 386 standalone binary.
-
(Optional) Make the file executable and move the file into a directory in your current PATH, for example:
chmod +x shiftleft
mv shiftleft /bin/shiftleft
-
Launch a new command terminal and verify that the program is properly installed:
$shiftleft image-scan --version
The sample output:
0.400.0
-
Download the x64 standalone binary.
-
Make the file executable, add a Gatekeeper exception, and move the file into a directory in your current PATH, for example:
chmod +x shiftleft
spctl --add shiftleft
sudo mv shiftleft /usr/local/bin/shiftleft
-
Launch a new command terminal and verify that the program is properly installed:
user-mbp:~ user$ shiftleft image-scan --version
The sample output:
0.400.0
Using a Docker image
Using a Docker image of ShiftLeft provides an easy and flexible way to run scans in containerized environments. The Docker image is available on DockerHub at checkpoint/shiftleft
.
To use the ShiftLeft image:
-
Run the command:
docker run -e CHKP_CLOUDGUARD_ID=<API_KEY> -e CHKP_CLOUDGUARD_SECRET=<API_SECRET> -e SHIFTLEFT_REGION=<REGION> -v <PATH_TO_IMAGE>:/tmp/images/image.tar checkpoint/shiftleft:latest_v2 shiftleft image-scan -e <ENVIRONMENT_ID> -i /tmp/images/image.tar
-
Replace
<API_KEY>
,<API_SECRET>
,<REGION>
,<ENVIRONMENT_ID>
, and<PATH_TO_IMAGE>
with your CloudGuard API key, secret, region, your environment ID, and the local path to your image directory, respectively.Make sure to use the
latest_v2
tag to get the most recent features and improvements.
Scan Engine Update
Each time the Scan Engine runs, it automatically checks for updates and installs the latest version available.