Versions Compared

Old Version 15

changes.mady.by.user Tsur Rothfeld

Saved on

compared with

New Version 16

changes.mady.by.user Tsur Rothfeld

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Table of Contents

...

  • An authorized account to Google Cloud

  • Cloud SDK installed with the authorized account to Google Cloud

  •  Docker installed

  • Make sure Google Cloud SDK is your docker helper. If you didn't run it before, you can do that with the command
    gcloud auth configure-docker 

  • Google Container Registry API in Cloud Console is enabled, and you can pull images from Google Container Registry

  • User is already logged in the account in order to have access to cloud repositories:
    gcloud auth login

Download Unified Agent & Configuration File

Info

Notice on periodically fetching the Unified Agent

It is advised to use the below commands only once a week to download the latest version of the Unified Agent for performance reasons and not as part of every build. You can do this using a scheduler task, such as cron.

...

Parameter

Input 

Default Value

Description

docker.gcr.enable 

true or false

false

Enable/Disable google container registry resolving.

docker.gcr.account

account mail

Empty String

Not mandatory. Specifies which account to set active and work on, cloud SDK can have multiple logged in accounts but may have only one active.
One account is always active by default. Otherwise, commands will not work.

docker.gcr.repositories

Host-Name/Project-Id

Empty List

A list of repositories separated by comma. If empty, it will use the default repository.

Example value:
gcr.io/whitesource-main,gcr.io/whitesource-johnsmith

Run the Unified Agent

Run the Unified Agent with the modified configuration file via this command:

Run FSA
Code Block
languagebash
java -jar wss-unified-agent.jar -apiKey xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxx -c wss-unified-agent.config

...

The scanner saves your required images and scans all the file system and installed packages.
It scans all the image layers, and handles archive handles archive files in the layers based on the value in the property 'archiveExtractionDepth'.

The Docker image is saved to the temporary directory defined in your environment , and is deleted immediately after the scan.

The scanning results are presented in a new WhiteSource project identified by the name of the image in the following format:  <image id> <repository> <tag>.
The project is created in the WhiteSource product specified in the configuration file or command line.

...