|Table of Contents|
Google Cloud Build is a service that executes your builds on the Google Cloud Platform infrastructure. Cloud Build can import source code from Google Cloud Storage, Cloud Source Repositories, GitHub, or Bitbucket. It executes a build to your specifications, and produces artifacts such as Docker containers or Java archives, and it enforces and it enforces security and licensing compliance in the CI/CD pipeline.
Cloud Build executes your build as a series of build of build steps, where each build step runs in a container. A build step can do anything that can be done from a container irrespective of the environment. Google Google Cloud Build is a fully managed build service that compiles source code, runs tests, and produces software packages that are ready to deploy. With Google Cloud Build, you don’t need to provision, manage, and scale your own build servers. Google Cloud Build scales continuously and processes multiple builds concurrently, so your builds are not left waiting in a queue. You can get started quickly by using prepackaged build environments, or you can create custom build environments that use your own build tools. With Google Cloud Build, you are charged for the compute resources you use. For further information, refer to https://cloud.google.com/cloud-build/docs/.
Add the following build steps to your cloudbuild.yaml file:
Download the 'wss_agent.sh' script file:
NOTE: It is advised to use the below curl command only once a week to download the latest version of the Unified Agent for performance reasons and not as part of every build. You can do this using a scheduler task, such as cron
- name: GOOGLE_CONTAINER_REGISTER_PATH args: ['curl', '-s', '-L', '-O', 'https://github.com/whitesource/unified-agent-distribution/raw/master/standAlone/wss_agent.sh']
Run 'curl' to download the Unified Agent configuration file:
Initially, download the latest configuration file from https://github.com/whitesource/unified-agent-distribution/raw/master/standAlone/wss-unified-agent.config
Save the Unified Agent configuration file to your local machine.
Edit the 'includes', 'archiveIncludes', and 'archiveExtractionDepth' sections to support the relevant file or archive extensions. See Unified Agent Configuration File & Parameters.
Store the updated Unified Agent configuration file in an online drive (e.g., Google Drive).
Run the script 'wss_agent.sh'. This script downloads the latest version of WhiteSource Unified Agent Jar file and uses your custom configuration file:
- name: GOOGLE_CONTAINER_REGISTER_PATH args: ['bash', './wss_agent.sh', '-apiKey', 'YOUR_API_KEY', '-project', 'YOUR_PROJECT_NAME', '-d', 'SCAN_FOLDER_PATH', '-c', './wss-unified-agent.config']
Afterwards, the script runs the Jar with the regular command-line arguments of the Unified Agent. In the configuration file, you must use the organization API key ('apiKey') and determine the name of the WhiteSource project ('project'). See also User Level Access Control in Integrations and APIs.
The following is a sample 'cloudbuild.yaml' file with WhiteSource integration:
steps: - name: gcr.io/cloud-builders/docker args: - build - "-t" - "GOOGLE_CONTAINER_REGISTER_PATH" - "." - name: GOOGLE_CONTAINER_REGISTER_PATH args: ['curl', '-s', '-L', '-O', 'https://<ConfigFileLocation>/wss-unified-agent.config'] - name: GOOGLE_CONTAINER_REGISTER_PATH args: ['curl', '-s', '-L', '-O', 'https://github.com/whitesource/unified-agent-distribution/raw/master/standAlone/wss_agent.sh'] - name: GOOGLE_CONTAINER_REGISTER_PATH args: ['bash', './wss_agent.sh', '-apiKey', 'YOUR_API_KEY', '-project', 'YOUR_PROJECT_NAME', '-d', 'SCAN_FOLDER_PATH', '-c', './wss-unified-agent.config']
The register path is retrieved from the 'image' page as displayed in the following screenshot.