Install Code Analysis Tools
Prerequisites
- Docker is installed on your machine.
- Ensure that you are able to launch and use Docker containers and that network connectivity works.
- https://api.levo.ai is reachable from the host machine.
- Supported Programming Languages and Frameworks:
- C/C++
- H (C/C++ Header and pre-processed .i files alone)
- Java (Requires compilation)
- Jar
- Android APK (Requires Android SDK. Set the environment variable ANDROID_HOME or use the container image.)
- JavaScript
- TypeScript
- Python (Supports 3.x to 3.13)
- PHP (Requires PHP >= 7.4. Supports PHP 7.0 to 8.4 with limited support for PHP 5.x)
- Ruby (Requires Ruby 3.4.7. Supports Ruby 1.8 - 3.4.x syntax)
- Scala (WIP)
Code Scanning Setup Instructions
- Install Levo CLI, which contains the commands to scan code.
- Once the CLI is installed, you can:
Scan Code and Identify REST API Endpoints
- Login to Levo CLI
levo login - Enter the CLI authorization key and select the organization.
- Once logged in, go to the project directory where you want to run code-scanning
cd <your_project_directory> - Inside the project directory, run the following CLI command:
levo scan code \
--dir <relative path to directory you wish to scan> \
--app-name <name of the app you wish to see on Dashboard> \
--env-name <the environment to which your app should belong> \
--language <programmming language used in repository, default is java> - In the
--diroption, you can specify the relative subdirectory path (./path/to/sub-directory) if you want to scan only a part of the project, or simply DOT (.) for the current directory. - Use the
--helpoption to know the list of available options - If there are REST endpoints in the code, they will be imported to the Levo Dashboard, under the given app-name.
Scan Project Directory to Fetch and Import OpenAPI/Swagger Specs
- Login to Levo CLI:
levo login - Enter the CLI authorization key and select the organization.
- Once logged in, navigate to the project directory where you want to scan for OpenAPI specs:
cd <your_project_directory> - Inside the project directory, run the following CLI command:
levo scan schema \
--dir <relative path to directory you want to scan> \
--env-name <the environment to which your app should belong> - In the
--diroption, you can specify the relative subdirectory path (./path/to/sub-directory) if you want to scan only a part of the project, or simply DOT (.) for the current directory. - Use the
--helpoption to know the list of available options - If there are OpenAPI/Swagger specs in the project directory, they will be imported to Levo Dashboard.
- The App Name will be the same as the title of the OpenAPI/Swagger spec.
GitHub Action
Prerequisites
- An account on Levo.ai.
- An application code repository on GitHub (currently Java and Python are supported).
Action Configuration
The pre-built action for executing Scan Code requires the following configuration settings:
-
authorization-key: Specify your CLI authorization key here. Refer to Generating CLI Authorization Keys for instructions on fetching your key. -
organization-id: Specify your Organization ID here. Refer to Accessing Organization IDs for instructions on fetching your ID. -
saas-url: The URL of the Levo SaaS instance. Default value is https://api.levo.ai. For India, usehttps://api.india-1.levo.ai. -
app-name: The name of the application you want to see on the Levo Dashboard. -
env-name: This is an OPTIONAL setting. The environment to which your app should belong. Default value isstaging.
Here is a sample Scan Code Action with its configuration:
- name: Levo Scan Repo
uses: levoai/actions/scan@v2.3.0
with:
# Authorization key required to execute the Levo CLI. Please refer to https://app.levo.ai/settings/keys to get your authorization key.
authorization-key: <'Specify your CLI authorization key here'>
# The ID of your organization in Levo dashboard. Please refer to https://app.levo.ai/settings/organization to get your organization id.
organization-id: <'Specify your organization ID here'>
# [OPTIONAL] The environment to which your app should belong. Default: staging.
saas-url: "https://api.dev.levo.ai"
# The name of the application you want to see on the Levo Dashboard.
app-name: <'Application Name here'>
# [OPTIONAL] The environment to which your app should belong. Default: staging.
env-name: <'Environment Name here'>
Job Outputs
This pre-built Action produces the below Outputs, which can be referenced by downstream Actions/Jobs.
outputs:
scan-success: <'true/false'>