Run the Demisto SDK in a Docker container

Demisto SDK Guide

Creation date: 2023-08-01
Last date published: 2024-10-28
Category: Demisto SDK Guide
Abstract: Run Demisto SDK validations from within a Docker container.

Use the Docker image to run Demisto SDK commands locally or as a CI/CD process.

Danger

  • To use the Demisto SDK, create a content repository for Cortex XSOAR content in a structure that matches the official Cortex XSOAR content repository.

    You can generate your repository from this template.

  • The Demisto SDK uses volume mounts to run on the local content repository, which may cause slowness on macOS or Windows. To optimize performance use one of the following:

Get the Docker image

Pull the Docker image with docker pull demisto/demisto-sdk:<tag>

The latest tags are in the Docker Hub here.

Environment variables

Some commands, such as demisto-sdk upload and demisto-sdk run, need the following environment variables to communicate with your Cortex XSOAR server.

Environment Variable
    Description

DEMISTO_BASE_URL
    The URL of the Cortex XSOAR server.

DEMISTO_API_KEY
    The API key.

DEMISTO_VERIFY_SSL
    Whether to verify SSL certificates.

To pass the variables, do one of the following:

  • Add the --env option, for example:

    docker run --env DEMISTO_BASE_URL="https://xsoar.com:443" <rest of the command>
  • Use an .env file, for example:

    DEMISTO_BASE_URL="https://xsoar.com:443"
    DEMISTO_API_KEY="xxxxxxxxxxxxx"

    Pass the variables with the following command:

    docker run --env-file .env <rest of the command>
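
A pre-flight check for the .env file described above, as an added example that is not part of the original page or of the Demisto SDK: it confirms that the file holding DEMISTO_API_KEY is readable only by its owner, that DEMISTO_BASE_URL uses https, and that DEMISTO_VERIFY_SSL is not switched off. The function names, the owner-only permission rule and the treatment of false/0/no as "verification off" are assumptions.

```shell
#!/bin/sh
# Added example: lint the .env file before passing it to `docker run --env-file`.
# Variable names come from the page; the rules applied here are assumptions.

# Print the value of key $2 from env file $1, without optional surrounding quotes.
env_value() {
    sed -n "s/^$2=//p" "$1" | tail -n 1 |
        sed -e 's/^"\(.*\)"$/\1/' -e "s/^'\(.*\)'\$/\1/"
}

# Return 0 when the file passes every check, 1 otherwise; findings go to stderr.
lint_env_file() {
    file=$1
    findings=0
    if [ ! -f "$file" ]; then
        echo "$file: not found" >&2
        return 1
    fi

    # The file holds DEMISTO_API_KEY, so group and others should have no access.
    if [ "$(ls -ld "$file" | cut -c5-10)" != "------" ]; then
        echo "$file: accessible beyond its owner; run chmod 600" >&2
        findings=$((findings + 1))
    fi

    case "$(env_value "$file" DEMISTO_BASE_URL)" in
        https://*) ;;
        *) echo "$file: DEMISTO_BASE_URL is missing or not https" >&2
           findings=$((findings + 1)) ;;
    esac

    if [ -z "$(env_value "$file" DEMISTO_API_KEY)" ]; then
        echo "$file: DEMISTO_API_KEY is missing or empty" >&2
        findings=$((findings + 1))
    fi

    # Assumption: false/0/no (any case) turn certificate verification off.
    case "$(env_value "$file" DEMISTO_VERIFY_SSL | tr 'A-Z' 'a-z')" in
        false|0|no) echo "$file: DEMISTO_VERIFY_SSL disables certificate checks" >&2
                    findings=$((findings + 1)) ;;
    esac

    [ "$findings" -eq 0 ]
}
```

Source the file and gate the container run on the result, for example lint_env_file .env && docker run --env-file .env <rest of the command>.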

Run Docker in Docker (Docker Daemon binding)

Docker Inside Docker involves running Docker within a Docker container. Instead of interacting with the host's Docker daemon, a new Docker engine is spawned within a container, providing an isolated environment for managing containers and images. It enables creating isolated, reproducible, and secure environments within Docker containers.

To implement Docker in Docker behavior, bind-mount the host's Docker daemon socket into the container so that Docker commands can be used from within it. Commands issued inside the container are then handled by the host's Docker daemon. Add the following mount:

--mount source=/var/run/docker.sock,target=/var/run/docker.sock,type=bind

Command arguments

Argument
    Description

docker run
    Creates a container (if one does not exist) and runs the following command inside it.

-it
    Keeps the stdin open and connects tty.

--rm
    Removes the Docker container when done (omit this to reuse the container in the future).

--mount type=bind,source="$(pwd)",target=/content
    Mounts the current working directory (which should be your content repository) to the container's /content directory.

--mount source=/var/run/docker.sock,target=/var/run/docker.sock,type=bind
    Binds the Docker Daemon to the container to enable running Docker in Docker.

demisto/demisto-sdk:<tag>
    The Docker image name. Replace the tag with the locked version (it can be found in the Docker Hub).

demisto-sdk validate -i Packs/ipinfo/Integrations/ipinfo_v2
    The Demisto SDK command to run inside the container.

Create an alias to a command

Creating an alias to a command makes it easier to use the command. You can do this by adding the following line to your shell configuration files:

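Example 1.
# Single quotes defer $(pwd) until the alias is used, so the directory you
# run the command from is mounted, not the one where this file was loaded.
alias demisto-sdk='docker run -it --rm \
--mount type=bind,source="$(pwd)",target=/content \
--mount source=/var/run/docker.sock,target=/var/run/docker.sock,type=bind \
demisto/demisto-sdk:<tag>'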

Use the validate command

For more information about the validate command, see validate.

Example 2.  
docker run -it --rm \
--mount type=bind,source="$(pwd)",target=/content \
--mount source=/var/run/docker.sock,target=/var/run/docker.sock,type=bind \
demisto/demisto-sdk:<tag> \
demisto-sdk validate -i Packs/ipinfo/Integrations/ipinfo_v2