Page Comparison

bazel.resolveDependencies

Whether to resolve Bazel dependencies

Resolves Bazel dependencies

Will not resolve Bazel dependencies

True

No

bazel.runPreStep

Indicates whether to perform a pre-step - install dependencies in case they are not installed.

Prior to scanning, the Unified Agent will run the Bazel build and Bazel sync.

Prior to scanning, the Unified Agent will not run the Bazel build and Bazel sync.

False

No

bazel.resolveDependencies

Whether to resolve Bazel dependencies

Resolves Bazel dependencies

Will not resolve Bazel dependencies

True

No

bazel.runPreStep

Indicates whether to perform a pre-step - install dependencies in case they are not installed.

Prior to scanning, the Unified Agent will run the Bazel build and Bazel sync.

Prior to scanning, the Unified Agent will not run the Bazel build and Bazel sync.

False

No

docker.scanImages

Runs scans on all or specified images. 

When set to True, only the Docker container Docker image scan and Linux packages scan will occur.
General scan using local resolvers (package manager) will only take place if the resolvers are installed and available locallyThis will include the detection of Linux packages, and a general scan of the image file system for package managers' based resolution and identification of source files/binaries.

See here for more information on scanning Docker images.

Only the Docker Image scan and Linux packages scan image scan will occur.

Image Docker image scan will not take place.

False

-docker.scanImages

docker.includes 

Comma, space or line-delimited list specifying which images to include in the scan.

Values provided should come from either of the following:

• Repository (image name)

• Tag

• Image ID

N/A

N/A

The default value is ".*.*"

(All images will be scanned)

No

docker.excludes 

Comma, space or line-delimited list specifying which images to exclude in the scan.

Values provided should come from either of the following:

• Repository (image name)

• Tag

• Image ID

N/A

N/A

The default value is ""

(No images will be excluded)

No

docker.pull.enable 

Whether to execute "pull" from all from all relevant registries

Executes 'pull' from all relevant registries

Will not pull anything

False

No

docker.pull.images 

Pull Docker images that match the specified filter (string).

Can include regular expressions or a list of space-delimited values.

N/A

N/A

The default value is ""

(all images will be pulled)

No

docker.pull.maxImages 

Defines the maximum number of images to be pulled. When this number of pulled images is reached, no more images are pulled.

N/A

N/A

10

No

docker.pull.tags 

Pulls Docker images whose tags match the specified filter (string).

Can include regular expressions or a list of space-delimited values.

N/A

N/A

The default value is ""

(all images will be pulled)

No

docker.pull.digest 

Pull Docker images whose digests match the specified filter (string).

Can include regular expressions or a list of space-delimited values.

N/A

N/A

The default value is ""

(all images will be pulled)

No

docker.delete.force 

Enables WhiteSource to use Docker to delete images via the 'force' flag. This is required if the user pulled images that are related to other images, so in this case a regular delete may not work. 

NOTE: Use this parameter with caution.

WhiteSource uses Docker to delete images via the 'force' flag.

WhiteSource will not use Docker to delete images via the 'force' flag.

False

No

docker.login.sudo 

Whether the Unified Agent will run 'sudo docker login'.

The Unified Agent will run 'sudo docker login'.

The Unified Agent will not run 'sudo docker login'.

True

No

docker.projectNameFormat 

Determine's the Docker project's name's format.

• If the value is set to default, the project name created in WhiteSource comprises the Docker repository name, tag and ID, in the following format:

<Image Name> <Image Tag> <Image ID>

• If the value is set to repositoryNameAndTag, then the project name created in WhiteSource comprises the Docker repository name and tag, in the following format:

<Image Name> <Image Tag>

• If the value is set to repositoryName,  the project name comprises only the Docker repository name:

<Image Name>

N/A

N/A

"DEFAULT"

No

docker.aws.enable 

Enables pulling Docker Images from Amazon Elastic Container Registry (ECR).

NOTE: If set to True, the  'docker.scanImages' and 'docker.pull.enable' parameter values are also set to True.

Pulls Docker Images from Amazon Elastic Container Registry (ECR).

Will not pull Docker Images from Amazon Elastic Container Registry (ECR).

False

No

docker.aws.registryIds 

The Registry IDs list on Amazon Web Services (the AWS 12-digit account IDs that correspond to the Amazon ECR registries). The  list must include the following:

• Full registry IDs and no GLOB patterns. 

• At least one registry ID. Values are space-delimited.

NOTE: Required if docker.aws.enable=true.

N/A

N/A

No default

No

docker.azure.enable 

Enables pulling Docker Images from Azure Container registry. 

NOTE: If set to True, the  'docker.scanImages' and 'docker.pull.enable' parameter values must also be set to True.

Pulls Docker Images from Azure Container registry. 

Will not pull Docker Images from Azure Container registry. 

False

No

docker.azure.userName 

Username for Azure Container registry. 

NOTE: Required if docker.azure.enable is True.

N/A

N/A

No default

No

docker.azure.userPassword 

Password for Azure Container registry.

NOTE: Required if if docker.azure.enable=true. However, it is not mandatory if you already logged in manually to your Azure account via the Azure Client CLI.

N/A

N/A

No default

No

docker.azure.registryNames 

Docker registry names in Azure Container registry, space-delimited.

NOTE: Required if docker.azure.enable=true.

N/A

N/A

No default

No

docker.azure.authenticationType

Whether to use “containerRegistry” or "userAccount" as the authentication type.

Using  "userAccount" login method requiere setting should be filled "docker.azure.userName" and "docker.azure.userPassword"

Using  "containerRegistry", login method  will login to each registry using registry username and password provided in config file in the param docker.azure.registryAuthenticationParameters

N/A

N/A

userAccount

No

docker.azure.registryAuthenticationParameters

Registry authentication parameters should contain username and password for each registry in the following format <registryUsername>:<registryPassword>. If there are more than one registry contain in docker.azure.registryNames param then username and password should be provided separated by space:

<registry1UserName>:<registry1Password> <registry2UserName>:<registry2Password>

N/A

N/A

No default

No

docker.artifactory.enable 

Enables pulling Docker Images from the Artifactory Pro Docker registry. 

NOTE: Verify that the  'docker.scanImages' and 'docker.pull.enable' parameter values are also set to True.

Pulls Docker Images from the Artifactory Pro Docker registry. 

Will not pull Docker Images from the Artifactory Pro Docker registry.

False

No

docker.artifactory.url 

Artifactory URL including http:// or https:// and contextpath (Artifactory default contextPath is “/artifactory" )

NOTE:

• Required if if docker.artifactory.enable=true.

• Where read-only users are created via docker.artifactory.dockerAccessMethod, this must consist of http/s://<public server name>:<HTTP/S port>/<public context path>.

N/A

N/A

No default

No

docker.artifactory.pullUrl 

• If ‘docker.artifactory.pullUrl’ is empty, use original behavior of 'docker.artifactory.url'

• If ‘docker.artifactory.pullUrl’ is not empty use it as URL to docker [login/pull] commands while ‘docker.artifactory.url’ is used to run REST API command for artifactory.

N/A

N/A

No default

No

docker.artifactory.userName 

Username for Artifactory Pro Docker registry

NOTE: Required if docker.artifactory.enable=true.

N/A

N/A

No default

No

docker.artifactory.userPassword 

Password for Artifactory Pro Docker registry.

NOTE: Required if docker.artifactory.enable=true.

N/A

N/A

No default

No

docker.artifactory.repositoriesNames 

Repository names in Artifactory Pro Docker registry, space-delimited list.

NOTE: Required if docker.artifactory.enable=true.

N/A

N/A

No default

No

docker.artifactory.dockerAccessMethod 

Required when the user has read-only access.

Values are: repopath, subdomain, port.

In case customers use port method 'docker.artifactory.dockerAccessMethod=port', 'repository port' must be added to each repository in ‘docker.artifactory.repositoriesNames' in this format: <repositoryName>:<repositoryPort>

N/A

N/A

No default

No

docker.hub.enabled 

Enables pulling Docker Images from the Docker Hub registry. 

NOTE: Verify that the 'docker.scanImages' and 'docker.pull.enable' parameter values are also set to True.

Pulls Docker Images from the Docker Hub registry. 

Will not pull Docker Images from the Docker Hub registry. 

False

No

docker.hub.userName 

Username for Docker Hub registry.

NOTE: Required if docker.hub.enable=true

N/A

N/A

No default

No

docker.hub.userPassword 

Password required for Password for Azure Container registry.

NOTE: Required if docker.hub.enable=true

N/A

N/A

No default

No

docker.hub.organizationsNames 

Space-delimited list of organizations under the user to be scanned.

NOTE: Required if docker.hub.enable=true.

N/A

N/A

No default

No

docker.scanTarFiles

Used when the user supplies the tar file of a Docker image.

The Unified Agent will scan the .tar file as a Docker image.

The Unified Agent will not scan the .tar file as a Docker image.

False

No

docker.gcr.repositories

A list of repositories, comma-delimited.
If empty, the Unified Agent will use the default repository.

Example value:
gcr.io/whitesource-main,gcr.io/whitesource-johnsmith

N/A

N/A

Empty

No

docker.gcr.enable

Enables pulling Docker Images from Google Container Registry with Docker.

NOTE: Verify that the  docker.scanImages and docker.pull.enable parameter values are also set to 'true'

Pulls Docker Images from Google Container Registry with Docker.

Will not pull Docker Images from Google Container Registry with Docker.

False

No

docker.gcr.account

Email of Google Container Registry account.

N/A

N/A

Empty

No

docker.layers

Enables users scanning docker images to receive information regarding packages in layer granularity.  The layer granularity can be viewed in the interface under the hierarchical display.

Provides information packages in layer granularity. The scan will split the result into layers, each layer contains all packages/libraries and files found under the layer (in case a package was added at layer 2 and deleted from 3, it will not appear at all in the result, since its not part of the final result). 

Will not provide the aforementioned information.

False

No

docker.scanContainers 

Scan all or specified containers. 
When set to True, only the Docker Docker container scan and Linux packages scan will occur. General scan using local resolvers (package managers) will only occur if the resolvers are installed and available locallyThis will include the detection of Linux packages, and a general scan of the container file system for package managers' based resolution and identification of source files/binaries.

Before starting a container scan, run the command "docker ps -a" to check for listed containers.
See here for more information on scanning Docker images.

Only the Docker container scan and Linux packages scan will occur.

Container Docker container scan will not take place.

False

No

docker.containerIncludes 

Comma, space or line-delimited list specifying which containers to include in the scan.

Values provided should come from any of the following:

• Container ID

• Container name

• Image name

N/A

N/A

The default value is "*" (all containers will be scanned)

No

docker.containerExcludes 

Comma, space or line separated list specifying which containers to exclude in the scan.

Values provided should come from any of the following:

• Container ID

• Container name

• Image name

N/A

N/A

The default value is "" (no container will be excluded)

No