NAnt Plugin
General Information
The plugin is an NAnt task which integrates automatic open source management with NAnt.
Once set up, all usage of open source software in the organization will be continuously and automatically in sync with WhiteSource.
- New projects will be created
- Existing projects will be updated
- Policies will be enforced on every action, failing the build if necessary
The plugin is licensed under the Apache 2.0 license.
Source code and issues are hosted on github.
How it Works
On execution, the plugin will determine which open source is currently used by your project and send it to WhiteSource.
Normal Flow
WhiteSource uses the collected information to create new projects or update existing ones.
Policy Check Flow
The plugin will check each new library against the organizational policies. If any library should be automatically rejected by some policy the build will fail. Otherwise your account will be updated.
An informative report of the results will be generated regardless of the outcome.
Installation
Prerequisites
- NAnt 0.92 or higher
- .NET Framework 4.0 or higher
Download
Download the latest version.
| Version | File | Features | Release Date |
|---|---|---|---|
| 1.3 | whitesource-nant-1.3.dll | Bug Fix - ArrayIndexOutOfBound error Resolved issues WSA-261 | 26.09.2017 |
| 1.2 | whitesource-nant-1.2.dll | Force update with build failure option | 11.05.2017 |
| 1.1 | whitesource-nant-1.1.dll | Force update | 27.04.2017 |
| 1.0 | NAnt Plugin | Update and Check Policies | 24.04.2014 |
Installation
Place the .dll file in one of the following:
- In your ${NANT_HOME}/bin directory.
- Wherever you want and reference it from your NAnt build file.
Example:
Setup
1. Define a new target named "whitesource":
2. Define the "updatetask" task:
Configuration
General Parameters
| Attribute | Type | Description | Required |
|---|---|---|---|
| apikey | String | Unique identifier of the organization to update, can be retrieved from the admin page in your White Source account | Yes |
| product | String | Name or unique identifier of the product to update. | No, defaults to project name |
| productversion | String | Version of the product to update. | No |
| projectToken | String | API token to match an existing WhiteSource project, can be retrieved from the Integration API page in your White Source account | No, matching existing WhiteSource projects to your project is done by name |
| failonerror | bool | Whether or not to stop the build when encountering an error | No, defaults to true |
Check Policies
You can initiate a policies check during the update with a nested <checkpolicies> element.
| Attribute | Type | Description | Required |
|---|---|---|---|
| reportdir | File | Output directory for generated report file (a folder named "whitesource" will be created at this location) | No. Default is project.baseDir/reports |
| failonrejection | bool | Whether or not to fail the build if policy rejects a library | No, defaults to true |
| forceupdate | bool | Updates organization inventory regardless of policy violations | No, defaults to false |
Executing the Plugin
To execute the task directly, simply run "nant whitesource" in your shell.
You can setup NAnt to execute the task as part of a build by binding it to a target.
Build Log
The plugin is executed during the build process. Sample log section:
