Table of Contents | ||
---|---|---|
|
...
Download CURL, and add it to your PATH environment variable.
Open a new command prompt.
Run the following commands:
Windows Using CURL
Code Block language java curl -LJO https://github.com/Mendwhitesource/unified-agent-distribution/releases/latest/download/wss-unified-agent.jar ccurlcurl -LJO https://github.com/Mendwhitesource/unified-agent-distribution/raw/master/standAlone/wss-unified-agent.config
...
Open a new command prompt.
Run the following commands:
Windows Using PowerShell
Code Block language java powershell bitsadmin /transfer mydownload /dynamic /download /priority FOREGROUND https://github.com/Mendwhitesource/unified-agent-distribution/releases/latest/download/wss-unified-agent.jar $pwd\wss-unified-agent.jar powershell bitsadmin /transfer mydownload /dynamic /download /priority FOREGROUND https://github.com/Mendwhitesource/unified-agent-distribution/raw/master/standAlone/wss-unified-agent.config $pwd\wss-unified-agent.config
...
Code Block | ||
---|---|---|
| ||
curl -LJO https://github.com/Mendwhitesource/unified-agent-distribution/releases/latest/download/wss-unified-agent.jar curl -LJO https://github.com/Mendwhitesource/unified-agent-distribution/raw/master/standAlone/wss-unified-agent.config |
...
This configuration sets the Unified Agent to scan all the docker repositories named *alpine.* except for the two image tags in the 'exclude' section.
Alternatively, you can leave the docker.excludes parameter commented if you want to scan all your image containers.
Configuration Parameters
Attribute | Type | Description | Required |
---|---|---|---|
docker.azure.enable | Boolean | Enables pulling Docker Images from Azure Container registry. Note: Verify that the 'docker.scanImages' and 'docker.pull.enable' parameter values are also set to 'true' | Yes |
docker.azure.userName | String | Username for Azure Container registry | Yes |
docker.azure.userPassword | String | Password for Azure Container registry | Yes. Not mandatory if you already logged in manually to your Azure account via the Azure Client CLI. |
docker.azure.registryNames | String | Docker repository names in Azure Container registry separated by a space | Yes |
docker.azure.authenticationType | String | Authentication Type for Azure Container registry. Either “containerRegistry” or "userAccount". | Yes. Default is "userAccount" - case insensitive. |
docker.azure.registryAuthenticationParameters | String | Used in case login is by ACR "docker.azure.authenticationType =containerRegistry. Format: “<acr-username>:<acr-password>". | Only if login is by ACR "docker.azure.authenticationType =containerRegistry. |
...
Run the Unified Agent:
Code Block |
---|
java -jar Mendwhitesource-wss-agent.jar -apiKey xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxx -c Mendwhitesource-wss-agent.config |
Scanning Information
The scanner saves your required images and scans the file system and installed packages. It scans all the image layers and handles archive files in the layers based on the value in the property 'archiveExtractionDepth'.
The Docker image is saved to the temporary directory defined in your environment and is deleted immediately after the scan. The scanning results are presented in a new Mend project identified by the name of the image in the following format: <image id> <repository> <tag>.
The project is created in the Mend product specified in the configuration file or command line.
...