Versions Compared

Old Version 32

changes.mady.by.user Tsur Rothfeld

Saved on

compared with

New Version 33

changes.mady.by.user Michelle Friedman

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Integrating AWS CodeBuild with WhiteSource

To integrate AWS CodeBuild with WhiteSource, do as follows:

  1. To add the WhiteSource Integration code, do one of the following options:

    • Add a buildspec.yml file to your source code root directory or edit your existing file.

    • You may also use CodeBuild console UI editor for editing the buildspec.yml file.
      This enables customers who may not have committer access to the source repo to also use this integration.

      Image RemovedImage Added

  2.  Add the following commands to the pre-build phases in buildspec.yml:

    1. curl -LJO https://github.com/whitesource/unified-agent-distribution/raw/master/standAlone/wss_agent.sh
      This step will download the wss_agent.sh script file to AWS CodeBuild server.

      NOTE: It is advised to use the curl command only once a week to download the latest version of the Unified Agent for performance reasons and not as part of every build. You can do this using a scheduler task, such as cron.

    2. Add the following command commands to the post-build phase:
      bash wss_agent.sh -apiKey $ws_api_key -project my-project -d . This command
      -wss.url https://<environment>.whitesourcesoftware.com/agent
      where <environment> corresponds to saas/app/saas-eu/app-eu
      These commands will run the script wss_agent.sh.
      The script will download the latest version of WhiteSource Unified Agent jar file and its config file to your AWS CodeBuild server and execute it with the regular command-line arguments of Unified Agent.
      Determine the name of the WhiteSource project.

    3. The buildspec.yml file should have the below structure:

      Sample buildspec.yml file with WhiteSource integration

  3. Sign in to your AWS Console.

  4. Open the CodeBuild service from the Developer Tools services category.

  5. Click  Create build project or choose one of your existing projects.

  6. Make sure that the Build specification option uses the default buildspec.yml file. 

  7. In the Advanced Settings section, add an Environment variable with the name ws_api_key and the value of your WSS API Key.

  8. Click  Continue and then Save or Save and Build to directly build after the save.

  9. Following a successful build process, your WhiteSource service will be updated with the details of your project, and a build of your project (zipped or not) will be placed inside the S3 bucket you have selected in your project's settings.

  10. You can see your build details, by choosing the Build run from the Build history list. WhiteSource's logging information will be listed under Build logs.
    The scanning command and its output will appear in the POST_BUILD phase in the build log.

  11. After the build completes with a WhiteSource scan, you can review the scanning results in your WhiteSource organization under the relevant project.

Info

Breaking Builds

In case of a WhiteSource scanning error, the scanning step returns an error code. See the return codes below. Returning an exit code other than success results in a failure of the build step.

  • Success=0

  • Error=-1

  • Policy Violation=-2

  • Client Failure=-3

  • Connection Failure=-4

The exit codes WhiteSource returns in the Bash command language should be treated as 'x' modulo 256: 

  • Exit code 0 is equivalent to code 0 (0 mod 256 = 0)

  • Exit code -1 is equivalent to code 255 (-1 mod 256 = 255)

  • Exit code -2 is equivalent to code 254 (-2 mod 256 = 254)

  • Exit code -3 is equivalent to code 253 (-3 mod 256 = 253)

  • Exit code -4 is equivalent to code 252 (-4 mod 256 = 252)

...