The plugin integrates automatic open source management with Jetbrains TeamCity.
Once set up, all usage of open-source software in the organization will be continuously and automatically in sync with WhiteSource.
New projects will be created
Existing projects will be updated
Policies will be enforced on every action, failing the build if necessary.
The plugin currently support build steps with either Maven, Ant, or shell script Runner types.
The plugin is licensed under the Apache 2.0 license. Source code and issues are hosted on github .
On execution, the plugin will determine which open source is currently used by your project and send it to WhiteSource.
No source code is scanned. Only descriptive information is sent over the wire.
WhiteSource uses the collected information to create new projects or update existing ones.
The plugin will check each new library against the organizational policies. If any library is automatically rejected by some policy, the build will fail. Otherwise your account will be updated.
An informative report of the results will be generated regardless of the outcome.
Download the plugin:
Installation of the plugin is done directly via the TeamCity GUI:
Go to Administration > Server Administration > Plugins List.
Click Upload plugin zip, and navigate to the location of the plugin's zip file.
Restart the TeamCity server (this task can also be done via the TeamCity GUI).
Start by configuring the global settings, these settings will be applied to every project in your TeamCity environment. Then, setup the jobs that should interact with WhiteSource.
Once the plugin is installed go to Administration > Integrations > WhiteSource.
Organization Token: A unique identifier of the organization. You can retrieve it in the Admin Integration API page.
User Key: Unique user key. See User Level Access Control in Integrations and APIs for more information.
Policy Check: Checks that the introduced open source libraries conform with organization policies.
Check only new libraries: Check that the newly introduced open source libraries conform with organization policies.
Force check all libraries: Check that all introduced open source libraries conform with organization policies.
Disable: Disable policies check when updating WhiteSource.
Force Update: Updates organization inventory regardless of policy violations.
Fail on Error: Indicates whether or not to fail the build on a general error (e.g. network error).
Service URL: URL of the environment on which the WhiteSource organization is hosted. The default is “https://saas.whitesourcesoftware.com”; therefore organizations hosted on that can leave this field blank.
Connection Timeout (optional): Connection timeout value in minutes. If the field is left blank, the value is 60 minutes.
Proxy Server (optional): If TeamCity is behind a firewall then you should select the checkbox. As displayed in the following screenshot, once the checkbox is selected, newly displayed fields can be filled in, in order to allow communication with the WhiteSource servers.
By setting SKIP_WHITESOURCE_PLUGIN to true the plugin will be disabled.
Number of connection retries when unable to connect to WhiteSource service (default value is 1).
Connection interval in seconds between two connection retries to WhiteSource service (default value is 3 seconds).
Enable the plugin for each job you want to use to update WhiteSource.
Only supported runner types will have these options visible.
Build runners that have no concise system for managing dependencies require a different configuration.
What we're looking for is descriptive information about each library used. What we need to know is which libraries to include and where we can find them, that is the sole purpose of the configuration.
The plugin is executed when the runner finishes. Sample log section:
Install the plugin and import data into WhiteSource.
Apply policy check before updating WhiteSource.
First release of the plugin.