Source code installation

This guide walks you through installing and configuring Akto's code analysis module in your on-premises environment. The module enables automatic API discovery through code analysis.

Resources

Akto's Helm chart repo is on GitHub here. You can also find Akto on Helm.sh here.

Prerequisites

Before beginning the installation, ensure you have:

A Kubernetes cluster where you have deploy permissions
helm command installed. Check here
Akto setup already running Setting up Akto

Installation Steps

Here are the steps to install Akto code analysis module via Helm charts -

Generate Github access token
Install Akto code analysis module via Helm
Connecting to Github
View Generated APIs

Generate Github access token

Follow this guide to generate Github access token so that the Akto's code analysis module can download the repository
Configure token permissions:
- Select target repositories
- Grant "Read access to code and metadata" permission

Generate database abstractor token and url

The code analysis module requires access to Akto's database abstractor:

Access the Akto dashboard
Navigate to the "Quick Start" tab
In the Source Code section:
- Select Github
- Click "Connect"
- Save the databaseAbstractorToken from the helm command (to be used in the next step)

Install Akto code analysis module via Helm

Add Akto repo helm repo add akto https://akto-api-security.github.io/helm-charts

Install Akto code analysis module via helm. Make sure the below command is executed after replacing the following variables

database_abstractor_url: If the setup is hybrid then the value is https://cyborg.akto.io else find the akto database abstractor url
database_abstractor_token: This was generated in the previous step
github_token generated above
namespace: where you would like to install Akto code analysis module

helm install akto-source-code-analyser akto/akto-source-code-analyser  --set source_code_analyser.aktoSourceCodeAnalyser.env.githubAccessToken="<github_token>" --set source_code_analyser.aktoSourceCodeAnalyser.env.databaseAbstractorUrl="<database_abstractor_url>" --set source_code_analyser.aktoSourceCodeAnalyser.env.databaseAbstractorToken="<database_abstractor_token>" --set source_code_analyser.codeAnalysisLspService.env.startJavaLsp="true" --set source_code_analyser.aktoSourceCodeAnalyser.env.runtimeMode="HYBRID" -n <namespace>

Verify if all pods are running: kubectl get pods -n <namespace. Expected output: One pod with four running containers

Connecting to Github

Access the Akto dashboard
Navigate to the "Quick Start" tab
In the Source Code section:
- Select GitHub
- Click "Connect"
- Enter your organization name
- Select the target repository
- Save your changes

View Generated APIs

Open the Inventory page in Akto dashboard
Look for a new collection named <organization_name>/<repository_name>
The collection will contain all APIs discovered through code analysis

PreviousAPI inventory from source code NextVirtual Machines

Last updated 1 year ago

Was this helpful?

hashtagResources

hashtagPrerequisites

hashtagInstallation Steps

hashtagGenerate Github access token

hashtagGenerate database abstractor token and url

hashtagInstall Akto code analysis module via Helm

hashtagConnecting to Github

hashtagView Generated APIs