...
Parameter | Type | Description | Required | Default | ||
---|---|---|---|---|---|---|
matchHost | String | Defines where the credentials will be applied during the scan. If you want to apply credentials only for a nested path within a host, then write If the same credentials apply to all paths on a host and not on any subdomains, configure Finally, to apply credentials to all hosts within the domain, use a | No | Empty | ||
hostType | String | Type of private registry. Supported values: | No | Empty | ||
username | String | Used when credentials consist of username and password. | No | Empty | ||
password | String | Used when credentials consist of username and password, should be encrypted by this instruction. Encrypted secret that will be applied as a credential to the host set in the
| No | Empty | ||
token | String | Used when credentials consist of username and password, should be encrypted by this instruction. Encrypted secret that will be applied as a credential to the host set in the
| No | Empty |
...
List of supported private registries:
NPM
Yarn
Maven
Gradle
PIP
Go
In order to scan dependencies from private registries and authenticated repositories, WhiteSource must be provided with credentials, such as an NPM token. These credentials must be added as encrypted secrets to the .whitesource file, either per-repository or in the shared global config, if the secret scope is org-wide.
...
Use GPG to generate a PGP Key. Use the command
gpg --full-generate-key
and follow the prompts to generate a key. Please note that at this time we do not support using a passphrase for decryption, so it is best to generate the keys without a passphrase. Name and email are not important.Copy the key ID from the output or run
gpg --list-secret-keys
if you forgot to take a copy. This is your public key.Run
gpg --armor --export-secret-keys YOUR_NEW_KEY_ID > ws-private-key.asc
to generate an armored (text-based) private key fileRun
gpg --armor --export YOUR_NEW_KEY_ID > ws-public-key.asc
to generate an armored (text-based) public key file
Provide the private key to the Controller, Remediate, and Scanner with environmental variable (learn more about environmental variables in the Advanced Technical Information documentation). There are two options for how to do it, but only one option should be used.
WS_HOST_RULES_PRIVATE_KEY
- the value of the private key itself.WS_HOST_RULES_PRIVATE_KEY_FILE_PATH
- path to the file containing the private key. This file should be mapped to the running containers.
Open index-enterprise.html in your favorite editor.
Find and replace the text "COPY_YOUR_PUBLIC_PGP_KEY_HERE" with your newly generated public key and save the file.
const publicKeyString = `COPY_YOUR_PUBLIC_PGP_KEY_HERE`;
After the secret is created, please add it to the hostRules parameter of the .whitesource file.
...