Skip to content

Latest commit

 

History

History

dependencies

Folders and files

NameName
Last commit message
Last commit date

parent directory

..
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Dependencies command

Upload dependencies graph to Datadog to detect runtime vulnerabilities by Continuous Profiler.

Usage

Setup

You need to have DATADOG_API_KEY and DATADOG_APP_KEY set in your environment.

export DATADOG_API_KEY="<API KEY>"
export DATADOG_APP_KEY="<APP KEY>"

By default, the command sends requests to Datadog US. To use Datadog EU, set DATADOG_SITE environment variable to datadoghq.eu.

Commands

upload

This command uploads dependencies graph to Datadog to detect runtime vulnerabilities by Continuous Profiler.

To upload the dependencies graph generated by the snyk cli, run:

snyk test --print-deps --sub-project=<PROJECT_NAME> --json > ./snyk_deps.json
datadog-ci dependencies upload ./snyk_deps.json --source snyk --service <SERVICE_NAME> --release-version <SERVICE_VERSION>
  • The first positional argument is the path to file that contains dependency graph. The file should be generated by the snyk test --print-deps --sub-project=<YOUR_PROJECT> --json command.

  • --source (required): set to snyk as currently it's the only integration we support.

  • --service (required): name of the service (should match the service tag).

  • --release-version: version of the service (should match the version tag). Provide it to prevent analysis from using out of date dependencies.

In addition, some optional parameters are available:

  • --dry-run (default: false): run the command without the final step of upload.