Basic Setup:

  • In this mode, the scan happens on another machine (e.g. a build machine) and results are published to the Embold Server.
  • In this case, you need to download the Embold Analyser component on the build machine and also enable the data port (5432) on the Embold Server to receive the scan results.
  • The Analyser host can be Windows or Linux and needs JRE 8+ installed.
  • Access to compiler and build system is recommended for C/C++ scans and not needed for other languages.
  • The embold-trace tool is needed for C/C++ scans when running strict mode analysis together with build integration. To know more about embold-trace tool, refer to this article.

Installation Steps:

  • Embold Server:
    • Either use this command $ wget$EMBOLD_VERSION/Docker/embold_$EMBOLD_VERSION.tar.gz or download the docker image from the Embold release section.
    • $ docker load -i embold_$EMBOLD_VERSION.tar.gz
    • $ docker run -m 10GB -d -p 3000:3000 --name EMBOLD -e gamma_ui_public_host=http://<IP/domain name>:<Port> -e RISK_XMX=-Xmx1024m -e ACCEPT_EULA=Y -e ANALYSER_XMX=-Xmx6072m -v /home/${USER}/embold/gamma_data:/opt/gamma_data -v /home/${USER}/embold/gamma_psql_data:/var/lib/postgresql -v /home/${USER}/embold/logs:/opt/gamma/logs embold/gamma:$EMBOLD_VERSION

Then access http://[host ip]:3000 and activate your license by following steps here.

  • Build machine (Embold Analyser a.k.a corona):
    • Either use this command $ wget$EMBOLD_VERSION/Corona/linux/corona_$EMBOLD_VERSION.tar.gz or download the docker image from the Embold release section. For more information, refer to this link.
      There will be one file with the pattern similar to the following: embold_corona_X.X.X.X.tar.gz
    • $ docker load -i embold_$EMBOLD_VERSION.tar.gz
    • Below are the steps for remote scan embold-corona docker:
      1. Create and keep it in directory /home directory.
      Below is the command for
      /opt/gamma/corona/scanboxwrapper/bin/gammascanner -c /home/gamma.json
      2. Create a Project in Embold which will hold the repository we want to scan. Download repository configuration file as gamma.json and keep in /home directory.

      Note: Make sure we keep source code in /home and give path in repository JSON.
      3. Run below command to start remote scan with embold corona:
      docker run -it -e ANALYSIS_MODE=remote -v /home:/home embold/corona: sh /home/

Then unzip and check this article for pre-requisites and an example scenario: