Installation Prerequisites - WhiteSource for GitLab

Overview

This page describes the required prerequisites for installing WhiteSource for GitLab.

General

The following requirements must be accommodated before installing WhiteSource for GitLab:

  • Access to a working WhiteSource Application and a user with Admin privileges.

  • Access to a working self-hosted GitLab instance and a user with Admin privileges.

  • The deployment includes two environments:

    • A build environment where the image is built.

    • A deployment environment where the image is deployed.

NOTE: The build environment can be the same as the deployment environment on which the relevant WhiteSource Docker images will be deployed.

Hardware Requirements (For Build and Deployment Environments)

  • CPU: Dual Core, 2Ghz or higher (Intel or AMD)

  • RAM: 16GB

  • Storage: 16 GB

General Requirements (For Build and Deployment Environments)

  • Admin privileges:

    • Windows - The user must have administrative privileges.

    • Linux - The user must have root privileges.

  • Docker server version 18 and above. To verify the Docker version, enter docker --version in the command line.

  • From WhiteSource Support, obtain the WhiteSource Docker distribution artifacts - delivered as a tar.gz or zip file:

    • agent-4-gitlab-server-<version>.tar.gz

    • agent-4-gitlab-server-<version>.zip

Build Environment Requirements

  • An internet connection for the entire duration of the build procedure.

  • When using a Container Orchestration Platform (i.e Kubernetes, ECS, Rancher etc.), make sure you have logs collection in place: ELK, Splunk or similar. If you are not using an Orchestration platform for the containers, the logs will be collected in designated folders. 

Deployment Environment Requirements

  • Port 5678 must be open at all times. This port will be used to receive webhooks from the GitLab system hook.

  • Access to the WhiteSource application is required at times for the operation of WhiteSource for GitLab. To check your access to the WhiteSource application, see the Health Checks section.

  • Communication between all the components, deployment environment to GitLab Server and the WhiteSource application.

Preparing for Installation

  1. Download the tar.gz file (agent-4-gitlab-server-<version>.tar.gz) for Linux or zip file Windows (agent-4-gitlab-server-<version>.zip)

  2. Extract the downloaded file to an empty directory.
    The extraction creates the following folders:
    wss-configuration: UI Configuration tool and related configuration file template
    wss-deployment: Deployment template (for example, deploying the integration using Helm charts)
    wss-gls-app: WhiteSource for GitLab application
    wss-remediate: WhiteSource Remediate worker
    wss-scanner: WhiteSource for GitLab scanner
    build.sh/build.bat (Linux/Windows): The build script that will create the relevant Docker images.

  3. Verify that the desired package managers will be installed on the wss-scanner Docker image.
    The package managers installed by default are - Maven (3.5.4), npm, Bower, Yarn, Gradle, Pip, and Pip3.
    If you want to scan a package manager not mentioned above, see Modifying the Scanner Dockerfile.

  4. Build the docker images. A total of three images will be built: wss-gls-app, wss-scanner, and wss-remediate.
    There are two options to build the Docker images:

    1. Using an executable script (recommended):
      Windows - Run build.bat which is located in the main folder where you extracted the agent-4-gitlab-server zip file.
      Linux - Run build.sh which is located in the main folder where you extracted the agent-4-gitlab-server tar.gz file.
      In order to ensure that the build succeeded, run the command docker images and check if the wss-gls-app, wss-gls-scanner, and wss-remediate images were created.

    2. Manually building the images:
      NOTE: If you selected option 4a (Using an executable script), skip this step.
      To run the steps of the build file manually, run the following commands directly:

1 2 3 4 # For example: docker build -t wss-gls-app:<version> wss-gls-app/docker docker build -t wss-scanner:<version> wss-scanner/docker docker build -t wss-remediate:<version> wss-remediate/docker