Using the iCR CLI
The iCR CLI isused to directly invoke the iCR Analysis Engines (AE). The AE will scan the specified source code file and generates a set of results to identify issues discovered. The results may be displayed using the standard Static Analysis Results Interchange Format (SARIF) for processing by other tools which are SARIF compatible.
To invoke an AE, use the following CLI syntax. This invokes it from the local directory where you performed the installation. As an option, you may choose to either add this directory to your $PATH or simply copy the command to /usr/local/bin or wherever you prefer to install new programs.
./icr-cli -source </path/to/source> -result </path/to/result> -language <go/java/python> [-version <python-version>] -license <valid_license_key> [-local-registry <registry-URL>] [-log <log-filename>] [-short]
The available options are:
-source </path/to/source>: Required - Specifies the file path to the source code root directory to be analyzed-result </path/to/result>: Required - Specifies the file path to the directory where the results are to be placed. Results are stored in SARIF format.-language <go/java/python>: Required - Specifies the programming language. Supported languages are: python java, and go-version <python-version>: Optional - If the language ispythonthen this optional argument is needed to specify which Python library version is to be used. Supported Python versions are 3.4, 3.5, 3.6, 3.7, 3.8, 3.9, 3.10, 3.11 and 3.12.-license <valid_license_key>: Required - This is the contents of the license file as delivered to you by OpenRefactory. Your license is enabled for a period of time and for a maximum number of OpenRefactory Bundled Lines of Code (OBLoCs). OBLoCs consist of only those executable lines of code that are actually used in the analysis. This means that whitespace and most comments are NOT counted against your licensed capacity. To get an estimate of a project’s OBLoC count, you can use the Linux utilitycloc. NOTE: Should you exhaust your OBLoC capacity, iCR will not be able to continue. In this case contact OpenRefactory to learn how to extend your license.-local-registry <registry-URL>: Optional - Containers are fetched from the cloud service DockerHub by default. However, if you choose to preload containers using a private, local Docker registry, that is supported as well. Use this option to specify the URL to your private, local Docker registry.-log <log-filename>: Optional - The Analysis Engine generates internal log files used to help diagnose issues. The default is to not save the log file after completing an analysis. However, for support purposes, it will be helpful to retain logs in the event of an unsuccessful analysis. This will help OpenRefactory to diagnose your issue. This option allows you to specifiy where to keep the log file.-short: Optional - When using the CLI command interactively, the AE will offer a progress bar letting you know about general progress. For use within a CI/CD framework, where the CLI is being invoked without a user monitoring, the progress output is unnecessary. If you are invoking the CLI from such a framework, the optional-shortargument tells the AE to suppress the progress information. If you do not suppress this, you may see some unnecessary character output.
If the command is entered with incorrect flags or arguments the usage statement will be printed:
If you need assistance with using the CLI or encounter other issues while using the icr-cli command, please contact us at support@openrefactory.com.
Last updated