How to build a Windows-based Docker image for CAST Highlight code scans

Our Docker image allows you to run the command line to scan your apps, as a Linux-based container. While it woks for most of organizations, some users may need to run it as a Windows-based container. This article details the few steps required to build your own Windows-based image, run the container and scan your first application with CAST Highlight.First off, get DockerFirst, you'll need Docker installed on your machine. Depending on your OS, you can get it from here: https://www.docker.com/ In order to check everything you need is installed, simply run this command:  

> docker version

This should return something like this:

Client: Docker Engine - Community Version: 19.03.5 API version: 1.40 Go version: go1.12.12 Git commit: 633a0ea Built: Wed Nov 13 07:22:37 2019 OS/Arch: windows/amd64 Experimental: false Server: Docker Engine - Community Engine: Version: 19.03.5 API version: 1.40 (minimum version 1.12) Go version: go1.12.12 Git commit: 633a0ea Built: Wed Nov 13 07:29:19 2019 OS/Arch: linux/amd64 Experimental: false containerd: Version: v1.2.10 GitCommit: b34a5c8af56e510852c35414db4c1f4fa6172339 runc: Version: 1.0.0-rc8+dev GitCommit: 3e425f80a8c931f88e6d94a8c831b9d5aa481657 docker-init: Version: 0.18.0 GitCommit: fec3683

Define your Windows imageCreate a directory where the image will be built. mkdir win-hl Copy the JAR of the CAST Highlight command line to this directory copy Highlight-Automation-Command-5.1.17.tar.gz win-hl Create a Dockerfile in the same directory and add the code below:Launch the build command as follows:  

> docker build -t casthighlight/hl-agent-cli-win .

You're now ready to run this image as a container and scan an application...Run the containerIn a Powersell terminal, go to the source directory you want to scan and launch this command:

> docker run --rm -v ${PWD}:c:\sourceDir -v ${PWD}:c:\workingDir casthighlight/hl-agent-cli-win --sourceDir c:\sourceDir --workingDir c:\workingDir --skipUpload

The --rm option tells docker to remove the container once it has finished its job. You should get the following output from the Command Line through the container: Enjoy your scans!