Prerequisites
- An authorized account to Google Cloud.
- Cloud SDK installed with the authorized account to Google Cloud.
- Docker installed.
- Make sure Google Cloud SDK is your docker helper. If you didn't run it before, you can do that with the command
gcloud auth configure-docker - Google Container Registry API in Cloud Console is enabled, and you can pull images from Google Container Registry
- User is already logged in the account in order to have access to cloud repositories:
gcloud auth login
Download Unified Agent & Configuration File
Notice on periodically fetching the Unified Agent
It is advised to use the below commands only once a week to download the latest version of the Unified Agent for performance reasons and not as part of every build. You can do this using a scheduler task, such as cron.
Use the following options to download the latest version of the WhiteSource Unified Agent JAR file and configuration file to your local host.
- Windows Using CURL
- Download CURL, and add it to your PATH environment variable.
- Open a new command prompt
Run the following commands:
Windows Using CURLcurl -LJO "https://github.com/whitesource/unified-agent-distribution/releases/latest/download/wss-unified-agent.jar" curl -LJO "https://github.com/whitesource/unified-agent-distribution/raw/master/standAlone/wss-unified-agent.config"
- Windows Using PowerShell
- Open a new command prompt
Run the following commands:
Windows Using PowerShellpowershell bitsadmin /transfer mydownload /dynamic /download /priority FOREGROUND https://github.com/whitesource/unified-agent-distribution/releases/latest/download/wss-unified-agent.jar $pwd\wss-unified-agent.jar powershell bitsadmin /transfer mydownload /dynamic /download /priority FOREGROUND https://github.com/whitesource/unified-agent-distribution/raw/master/standAlone/wss-unified-agent.config $pwd\wss-unified-agent.config
Make sure that Background Intelligent Transfer Service (BITS) is enabled if you want to use PowerShell on Windows.
- Windows - Manual Download
Download the following files manually using your web browser or any other download manager:
https://github.com/whitesource/unified-agent-distribution/releases/latest/download/wss-unified-agent.jar
https://github.com/whitesource/unified-agent-distribution/raw/master/standAlone/wss-unified-agent.config Linux/Unix
Run the following commands from the Linux/Unix bash prompt :Linux/Unix Using CURLcurl -LJO "https://github.com/whitesource/unified-agent-distribution/releases/latest/download/wss-unified-agent.jar" curl -LJO "https://github.com/whitesource/unified-agent-distribution/raw/master/standAlone/wss-unified-agent.config"
Update Configuration File
Update the configuration file (wss-unified-agent.config) that you downloaded in step 2 according to your specific requirements.
Enable the relevant lines by removing the '#' symbol at the beginning of the lines.
Related Parameters
Parameter | Input | default value | description |
---|---|---|---|
docker.gcr.enable | true or false | false | Enable/Disable google container registry resolving. |
docker.gcr.account | account mail | Empty String | Not mandatory. Specifies which account to set active and work on, cloud SDK can have multiple logged in accounts but may have only one active. One account is always active by default. Otherwise, commands will not work. |
docker.gcr.repositories | Host-Name/Project-Id | Empty List | A list of repositories separated by comma. If empty, it will use the default repository. Example value: |
Run the Unified Agent
Run the Unified Agent with the modified configuration file via this command:
java -jar wss-unified-agent.jar -apiKey xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxx -c wss-unified-agent.config
Scanning Information
The scanner saves your required images and scans all the file system and installed packages.
It scans all the image layers, and handles archive files in the layers based on the value in the property 'archiveExtractionDepth'.
The Docker image is saved to the temporary directory defined in your environment, and is deleted immediately after the scan.
The scanning results are presented in a new WhiteSource project identified by the name of the image in the following format: <image id> <repository> <tag>.
The project is created in the WhiteSource product specified in the configuration file or command line.