This page describes the required prerequisites for installing WhiteSource for GitLab.
The following requirements must be accommodated before installing WhiteSource for GitLab:
Access to a working WhiteSource Application and a user with Admin privileges.
Access to a working self-hosted GitLab instance and a user with Admin privileges.
The deployment includes two environments:
A build environment where the image is built.
A deployment environment where the image is deployed.
The build environment can be the same as the deployment environment on which the relevant WhiteSource Docker images will be deployed.
Hardware Requirements (For Build and Deployment Environments)
CPU: Dual Core, 2Ghz or higher (Intel or AMD)
Storage: 16 GB
General Requirements (For Build and Deployment Environments)
Windows - The user must have administrative privileges.
Linux - The user must have root privileges.
Docker server version 18 and above. To verify the Docker version, enter docker --version in the command line.
From WhiteSource Support, obtain the WhiteSource Docker distribution artifacts - delivered as a tar.gz or zip file:
Build Environment Requirements
An internet connection for the entire duration of the build procedure.
When using a Container Orchestration Platform (i.e Kubernetes, ECS, Rancher etc.), make sure you have logs collection in place: ELK, Splunk or similar. If you are not using an Orchestration platform for the containers, the logs will be collected in designated folders.
Deployment Environment Requirements
Port 5678 must be open at all times. This port will be used to receive webhooks from the GitLab system hook.
Access to the WhiteSource application is required at times for the operation of WhiteSource for GitLab. To check your access to the WhiteSource application, see the Health Checks section.
Communication between all the components, deployment environment to GitLab Server and the WhiteSource application.
Preparing for Installation
Download the tar.gz file (agent-4-gitlab-server-<version>.tar.gz) for Linux or zip file Windows (agent-4-gitlab-server-<version>.zip)
Extract the downloaded file to an empty directory. The extraction creates the following folders: wss-configuration: UI Configuration tool and related configuration file template wss-deployment: Deployment template (for example, deploying the integration using Helm charts) wss-gls-app: WhiteSource for GitLab application wss-remediate: WhiteSource Remediate worker wss-scanner: WhiteSource for GitLab scanner build.sh/build.bat (Linux/Windows): The build script that will create the relevant Docker images.
Verify that the desired package managers will be installed on the wss-scanner Docker image. The package managers installed by default are - Maven (3.5.4), npm, Bower, Yarn, Gradle, Pip, and Pip3. If you want to scan a package manager not mentioned above, see Modifying the Scanner Dockerfile.
Build the docker images. A total of three images will be built: wss-gls-app, wss-scanner, and wss-remediate. There are two options to build the Docker images:
Using an executable script (recommended): Windows -Run build.bat which is located in the main folder where you extracted the agent-4-gitlab-server zip file. Linux - Run build.sh which is located in the main folder where you extracted the agent-4-gitlab-server tar.gz file. In order to ensure that the build succeeded, run the command docker images and check if the wss-gls-app,wss-gls-scanner, and wss-remediate images were created.
Manually building the images: NOTE: If you selected option 4a (Using an executable script), skip this step. To run the steps of the build file manually, run the following commands directly: