Skip to main content

CxSAST Reporting Manager Installation (Docker image)

Following is a step-by-step guide for installing the CxSAST Reporting Manager component as a Docker image.

Note

This is a Linux-based image.

Installation steps

  1. Download the CxSAST Reporting Docker image.

  2. Load the CxSAST Reporting Docker image into your CxSAST Reporting host Docker.

    docker image load --input <image filename>.tar

  3. Configure the CxSAST Reporting settings using:

    Docker .env file

    The image provided receives multiple parameters via environment variables. To pass them to the container, create a .env file with key-value pairs using the following format: KEY=value

    This file is then passed in the docker run command with the following option:

    --env-file="<path to file>\vars.env"

    A complete example is provided at the end of this guide.

    Environment variables

    • CONNECTION_STRING Required - Database connection string to a SQL Server.

    • NUMBER_OF_PARALLEL_REPORTS Default: 2 - Number of maximum reports processed in parallel.

    • NUMBER_OF_RETRIES Default: 3 - Number of maximum retries when processing a report request.

    • REPORTS_EXECUTION_INTERVAL Default: 2 - Number of seconds between polling of new report requests.

    • REPORTS_OUTPUT_PATH Required - Output path for the generated reports.

    • REPORT_RETENTION_PERIOD Required - Number of days that reports will be stored in the system.

    • REPORT_RETENTION_PERIOD_FORMAT Required - Retention period format: D for days or H for hours.

    • REPORTING_API_URL Required - Endpoint for the client api (http://<reporting api address>:<port>).

    • SYNC_DATA_INFO - Represents a Cron Expression that defines how often the dashboard service runs.

    • PROJECT_STATUS_CUSTOM_FIELD_NAME - The project custom field name that stores the onboarding/triaging process status (example: ASA_Status).

    • PROJECT_STATUS_CUSTOM_FIELD_VALUE - The value of the project custom field name that stores the onboarding/triaging process status (example: Delivered).

    • PROJECT_ONBOARDING_DATE_CUSTOM_FIELD_NAME - The project custom field name that stores the onboarding/triaging process end date (example: Onboarding_Date).

  4. To initiate the CxReportingService container, run the docker image with the following command:

docker run `
 --env-file=<vars.env file path> `
-v ~/cx-reporting-service:<value of REPORTS_OUTPUT_PATH env var> `
--restart always `
cx-reporting-service:latest

Note

To deploy the Manager and Client API images using docker compose, refer to CxSAST Reporting Service Docker Compose Setup.

Example

The following is an example of installing CxSASTReportingService on the same machine as CxSAST:

docker run -p 5002:5002 `
-v ~/cx-reporting-service:/app/CxReports
--env-file="/var/jenkins/workspace/reporting-service-validation_dev/pipelines/reporting-service/.env" `
cx-reporting-service:latest

The vars.env file is configured as follows:

CONNECTION_STRING=Data Source=10.32.1.117\SQLExpress;Initial Catalog=CxDB;Integrated Security=False;User ID=testuser;Password=testpassword;Pooling=True
NUMBER_OF_PARALLEL_REPORTS=2
NUMBER_OF_RETRIES=3
REPORTS_EXECUTION_INTERVAL=10
REPORTS_OUTPUT_PATH=/app/CxReports
REPORT_RETENTION_PERIOD=3
In this section: