- Principales informations
- Getting Started
- Datadog
- Site Datadog
- DevSecOps
- Serverless for AWS Lambda
- Agent
- Intégrations
- Conteneurs
- Dashboards
- Monitors
- Logs
- Tracing
- Profileur
- Tags
- API
- Service Catalog
- Session Replay
- Continuous Testing
- Surveillance Synthetic
- Incident Management
- Database Monitoring
- Cloud Security Management
- Cloud SIEM
- Application Security Management
- Workflow Automation
- CI Visibility
- Test Visibility
- Intelligent Test Runner
- Code Analysis
- Learning Center
- Support
- Glossary
- Standard Attributes
- Guides
- Agent
- Intégrations
- OpenTelemetry
- Développeurs
- Authorization
- DogStatsD
- Checks custom
- Intégrations
- Create an Agent-based Integration
- Create an API Integration
- Create a Log Pipeline
- Integration Assets Reference
- Build a Marketplace Offering
- Create a Tile
- Create an Integration Dashboard
- Create a Recommended Monitor
- Create a Cloud SIEM Detection Rule
- OAuth for Integrations
- Install Agent Integration Developer Tool
- Checks de service
- IDE Plugins
- Communauté
- Guides
- Administrator's Guide
- API
- Application mobile
- CoScreen
- Cloudcraft
- In The App
- Dashboards
- Notebooks
- DDSQL Editor
- Alertes
- Infrastructure
- Métriques
- Watchdog
- Bits AI
- Service Catalog
- API Catalog
- Error Tracking
- Service Management
- Infrastructure
- Universal Service Monitoring
- Conteneurs
- Sans serveur
- Surveillance réseau
- Cloud Cost
- Application Performance
- APM
- Profileur en continu
- Database Monitoring
- Agent Integration Overhead
- Setup Architectures
- Configuration de Postgres
- Configuration de MySQL
- Configuration de SQL Server
- Setting Up Oracle
- Setting Up MongoDB
- Connecting DBM and Traces
- Données collectées
- Exploring Database Hosts
- Explorer les métriques de requête
- Explorer des échantillons de requêtes
- Dépannage
- Guides
- Data Streams Monitoring
- Data Jobs Monitoring
- Digital Experience
- RUM et Session Replay
- Product Analytics
- Surveillance Synthetic
- Continuous Testing
- Software Delivery
- CI Visibility
- CD Visibility
- Test Visibility
- Exécuteur de tests intelligent
- Code Analysis
- Quality Gates
- DORA Metrics
- Securité
- Security Overview
- Cloud SIEM
- Cloud Security Management
- Application Security Management
- AI Observability
- Log Management
- Pipelines d'observabilité
- Log Management
- Administration
Generic CI Providers
Cette page n'est pas encore disponible en français, sa traduction est en cours.
Si vous avez des questions ou des retours sur notre projet de traduction actuel, n'hésitez pas à nous contacter.
Si vous avez des questions ou des retours sur notre projet de traduction actuel, n'hésitez pas à nous contacter.
Join the Preview!
Code Analysis is in Preview.
Code Analysis is not available for the site.
Overview
If you don’t use CircleCI Orbs or GitHub Actions, you can run the Datadog CLI directly in your CI pipeline platform.
Prerequisites:
- unzip
- Node.js 14 or later
Configure the following environment variables:
| Name | Description | Required | Default |
|---|---|---|---|
DD_API_KEY | Your Datadog API key. This key is created by your Datadog organization and should be stored as a secret. | Yes | |
DD_APP_KEY | Your Datadog application key. This key, created by your Datadog organization, should include the code_analysis_read scope and be stored as a secret. | Yes | |
DD_SITE | The Datadog site to send information to. Your Datadog site is | No | datadoghq.com |
Provide the following inputs:
| Name | Description | Required | Default |
|---|---|---|---|
service | The name of the service to tag the results with. | Yes | |
env | The environment to tag the results with. ci is a helpful value for this input. | No | none |
cpu_count | Set the number of CPUs used by the analyzer. Defaults to the number of CPUs available. | No | |
subdirectory | The subdirectory path the analysis should be limited to. The path is relative to the root directory of the repository. | No |
To obtain execution time statistics for analyzed files, add a --performance-statistics flag to your static analysis command.
Select an analyzer for your architecture and OS from the following options:
| Architecture | OS | Name | Link |
|---|---|---|---|
aarch64 | Darwin | datadog-static-analyzer-aarch64-apple-darwin.zip | Download |
aarch64 | Linux | datadog-static-analyzer-aarch64-unknown-linux-gnu.zip | Download |
x86_64 | Darwin | datadog-static-analyzer-x86_64-apple-darwin.zip | Download |
x86_64 | Linux | datadog-static-analyzer-x86_64-unknown-linux-gnu.zip | Download |
x86_64 | Windows | datadog-static-analyzer-x86_64-pc-windows-msvc.zip | Download |
Add the following to your CI pipeline:
# Set the Datadog site to send information to
export DD_SITE="datadoghq.com"
# Install dependencies
npm install -g @datadog/datadog-ci
# Download the latest Datadog static analyzer:
# https://github.com/DataDog/datadog-static-analyzer/releases
DATADOG_STATIC_ANALYZER_URL=https://github.com/DataDog/datadog-static-analyzer/releases/latest/download/datadog-static-analyzer-x86_64-unknown-linux-gnu.zip
curl -L $DATADOG_STATIC_ANALYZER_URL > /tmp/ddog-static-analyzer.zip
unzip /tmp/ddog-static-analyzer.zip -d /tmp
mv /tmp/datadog-static-analyzer /usr/local/datadog-static-analyzer
# Run Static Analysis
/usr/local/datadog-static-analyzer -i . -o /tmp/report.sarif -f sarif
# Upload results
datadog-ci sarif upload /tmp/report.sarif
This example uses the x86_64 Linux version of Datadog's static analyzer. If you're using a different OS or architecture, you should select it from the table above and update the
DATADOG_STATIC_ANALYZER_URL value below. You can view all releases on the GitHub Releases page.Diff-aware scanning
Diff-aware scanning is a feature that enables Datadog Static Analysis to only scan the files modified by a commit in a feature branch. It accelerates scan time significantly by not having the analysis run on every file in the repository for every scan. The first scan performed, as well as default branch scans, always produce an analysis of the full repository (not diff-aware).
If you are using GitHub Actions, diff-aware scanning is enabled by default.
For other CI providers, follow these steps to enable diff-aware scanning:
- Make sure your
DD_APP_KEY,DD_SITEandDD_API_KEYvariables are set in your CI pipeline. - Add a call to
datadog-ci git-metadata uploadbefore invoking the static analyzer. This command ensures that Git metadata is available to the Datadog backend. Git metadata is required to calculate the number of files to analyze. - Ensure that the datadog-static-analyzer is invoked with the flag
--diff-aware.
Example of commands sequence (these commands must be invoked in your Git repository):
datadog-ci git-metadata upload
datadog-static-analyzer -i /path/to/directory -g -o sarif.json -f sarif –-diff-aware <...other-options...>
Note: When a diff-aware scan cannot be completed, the entire directory is scanned.
Further Reading
| |