Leveraging Your Agent with PowerShell

SourceClear Software Composition Analysis

About this task

If you are running a scan in a Windows environment and do not want to use Chocolatey to install the agent, you may use PowerShell instead of following these directions:

Procedure

  1. From the left sidebar, select the team for which you want to create the agent, then select Agents > New Agent.
  2. In the Set Up Scanner page, click the Windows tile.
  3. Click the PowerShell tab.
  4. Set the $Env:SRCCLR_API_TOKEN environment variable to the authentication token created when you click Generate Token.
  5. In your PowerShell terminal, set execution policy to AllSigned. You may need to run the following command to set the execution policy, since PowerShell does not permit scripts to run by default:
    Set-ExecutionPolicy AllSigned -Scope Process -Force
  6. Execute the following command to download the script:
    iex ((New-Object System.Net.WebClient).DownloadString('https://download.srcclr.com/ci.ps1'))
  7. Scan repositories with one of the following commands.
    • To start scanning public repositories:
      srcclr scan --url https://github.com/srcclr/example-ruby
    • To clone and scan local repositories:
      srcclr scan FILE_PATH