Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add .whitesource file to activate integration scan #999

Merged
merged 2 commits into from
Jan 4, 2022
Merged

Add .whitesource file to activate integration scan #999

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
0fc80b4
Add whitesource for to activate integration
zelinh Dec 7, 2021
4d8655f
Add links of documents for WhiteSource
zelinh Dec 30, 2021
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
15 changes: 15 additions & 0 deletions .whitesource
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,15 @@
{
"scanSettings": {
"configMode": "LOCAL",
"configExternalURL": "",
"projectToken": "",
"baseBranches": []
},
"checkRunSettings": {
"vulnerableCheckRunConclusionLevel": "failure",
"displayMode": "diff"
},
"issueSettings": {
"minSeverityLevel": "LOW"
}
}
375 changes: 375 additions & 0 deletions whitesource.config
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,375 @@
###############################################################
# WhiteSource Unified-Agent configuration file
tmarkley marked this conversation as resolved.
Show resolved Hide resolved
# WhiteSource User Guide: https://whitesource.atlassian.net/wiki/spaces/WD/pages/34111720/WhiteSource+User+Guide
# WhiteSource Integration with Github.com: https://whitesource.atlassian.net/wiki/spaces/WD/pages/697696422/WhiteSource+for+GitHub.com
# WhiteSource Unified Agent Configurations: https://whitesource.atlassian.net/wiki/spaces/WD/pages/1544880156/Unified+Agent+Configuration+Parameters
###############################################################
# GENERAL SCAN MODE: Files and Package Managers
###############################################################
# Organization vitals
######################

#apiKey='${wss_apikey}'
apiKey=
#userKey is required if WhiteSource administrator has enabled "Enforce user level access" option
#userKey=
#[email protected]

projectName=
projectVersion=
projectToken=
#projectTag= key:value

productName=
productVersion=
productToken=

#projectPerFolder=true
#projectPerFolderIncludes=
#projectPerFolderExcludes=

#wss.connectionTimeoutMinutes=60

# Change the below URL to your WhiteSource server.
# Use the 'WhiteSource Server URL' which can be retrieved
# from your 'Profile' page on the 'Server URLs' panel.
# Then, add the '/agent' path to it.
wss.url=https://saas.whitesourcesoftware.com/agent
#wss.url=https://app.whitesourcesoftware.com/agent
#wss.url=https://app-eu.whitesourcesoftware.com/agent

############
# Policies #
############
checkPolicies=false
forceCheckAllDependencies=false
forceUpdate=false
forceUpdate.failBuildOnPolicyViolation=false
#updateInventory=false

###########
# General #
###########
#offline=false
#updateType=APPEND
#ignoreSourceFiles=true
#scanComment=
#failErrorLevel=ALL
#requireKnownSha1=false

#generateProjectDetailsJson=true
#generateScanReport=true
#scanReportTimeoutMinutes=10
#scanReportFilenameFormat=

#analyzeFrameworks=true
#analyzeFrameworksReference=

#updateEmptyProject=false

#log.files.level=
#log.files.maxFileSize=
#log.files.maxFilesCount=
#log.files.path=

########################################
# Package Manager Dependency resolvers #
########################################
resolveAllDependencies=false
#excludeDependenciesFromNodes=.*commons-io.*,.*maven-model

#npm.resolveDependencies=false
#npm.ignoreSourceFiles=false
#npm.includeDevDependencies=true
#npm.runPreStep=true
#npm.ignoreNpmLsErrors=true
#npm.ignoreScripts=true
#npm.yarnProject=true
#npm.accessToken=
#npm.identifyByNameAndVersion=true
#npm.yarn.frozenLockfile=true
#npm.resolveMainPackageJsonOnly=true
#npm.removeDuplicateDependencies=false
#npm.resolveAdditionalDependencies=true
#npm.failOnNpmLsErrors =
#npm.projectNameFromDependencyFile = true
#npm.resolveGlobalPackages=true
#npm.resolveLockFile=true

#bower.resolveDependencies=false
#bower.ignoreSourceFiles=true
#bower.runPreStep=true

#nuget.resolvePackagesConfigFiles=false
#nuget.resolveCsProjFiles=false
#nuget.resolveDependencies=false
#nuget.restoreDependencies=true
#nuget.preferredEnvironment=
#nuget.packagesDirectory=
#nuget.ignoreSourceFiles=false
#nuget.runPreStep=true
#nuget.resolveNuspecFiles=false
#nuget.resolveAssetsFiles=true

#python.resolveDependencies=false
#python.ignoreSourceFiles=false
#python.ignorePipInstallErrors=true
#python.installVirtualenv=true
#python.resolveHierarchyTree=false
#python.requirementsFileIncludes=requirements.txt
#python.resolveSetupPyFiles=true
#python.runPipenvPreStep=true
#python.pipenvDevDependencies=true
#python.IgnorePipenvInstallErrors=true
#python.resolveGlobalPackages=true
#python.localPackagePathsToInstall=/path/to/local/dependency.egg, /path/to/local/dependency.zip
#python.resolvePipEditablePackages
#python.path=/path/to/python
#python.pipPath=/path/to/pip
#python.runPoetryPreStep=true
#python.includePoetryDevDependencies=true

#maven.ignoredScopes=test provided
#maven.resolveDependencies=false
#maven.ignoreSourceFiles=true
#maven.aggregateModules=true
#maven.ignorePomModules=false
#maven.runPreStep=true
#maven.ignoreMvnTreeErrors=true
#maven.environmentPath=
#maven.m2RepositoryPath=
#maven.downloadMissingDependencies=false
#maven.additionalArguments=
#maven.projectNameFromDependencyFile=true

resolveAllDependencies=false
archiveExtractionDepth=7
followSymbolicLinks=true
gradle.resolveDependencies=true
gradle.aggregateModules=true
gradle.preferredEnvironment=wrapper
maven.resolveDependencies=true
maven.runPreStep=true
maven.aggregateModules=true
maven.ignoredScopes=None
html.resolveDependencies=true
npm.resolveDependencies=true
npm.runPreStep=true
npm.yarnProject=true
go.resolveDependencies=true
go.collectDependenciesAtRuntime=true
go.dependencyManager=
python.resolveDependencies=true
python.ignoreSourceFiles=true
python.runPipenvPreStep=true
python.pipenvDevDependencies=true
python.requirementsFileIncludes=dev-requirements.txt
python.installVirtualenv=true
ruby.resolveDependencies=true
ruby.ignoreSourceFiles=false

#gradle.ignoredScopes=
#gradle.resolveDependencies=true
#gradle.runAssembleCommand=true
#gradle.runPreStep=true
#gradle.ignoreSourceFiles=true
#gradle.aggregateModules=true
#gradle.preferredEnvironment=wrapper
#gradle.localRepositoryPath=
#gradle.wrapperPath=
#gradle.downloadMissingDependencies=false
#gradle.additionalArguments=
#gradle.includedScopes=
#gradle.excludeModules=
#gradle.includeModules=
#gradle.includedConfigurations=
#gradle.ignoredConfigurations=

#paket.resolveDependencies=false
#paket.ignoredGroups=
#paket.ignoreSourceFiles=false
#paket.runPreStep=true
#paket.exePath=

#go.resolveDependencies=false
#go.collectDependenciesAtRuntime=true
#go.dependencyManager=
#go.ignoreSourceFiles=true
#go.glide.ignoreTestPackages=false
#go.gogradle.enableTaskAlias=true

#ruby.resolveDependencies=false
#ruby.ignoreSourceFiles=false
#ruby.installMissingGems=true
#ruby.runBundleInstall=true
#ruby.overwriteGemFile=true

#sbt.resolveDependencies=false
#sbt.ignoreSourceFiles=true
#sbt.aggregateModules=true
#sbt.runPreStep=true
#sbt.includedScopes=

#php.resolveDependencies=false
#php.runPreStep=true
#php.includeDevDependencies=true

#html.resolveDependencies=false

#cocoapods.resolveDependencies=false
#cocoapods.runPreStep=true
#cocoapods.ignoreSourceFiles=false

#hex.resolveDependencies=false
#hex.runPreStep=true
#hex.ignoreSourceFiles=false
#hex.aggregateModules=true

#ant.resolveDependencies=false
#ant.pathIdIncludes=.*
#ant.external.parameters=

#r.resolveDependencies=false
#r.runPreStep=true
#r.ignoreSourceFiles=false
#r.cranMirrorUrl=
#r.packageManager=None

#cargo.resolveDependencies=false
#cargo.runPreStep=true
#cargo.ignoreSourceFiles=false

#haskell.resolveDependencies=false
#haskell.runPreStep=true
#haskell.ignoreSourceFiles=false
#haskell.ignorePreStepErrors=true

#ocaml.resolveDependencies=false
#ocaml.runPrepStep=true
#ocaml.ignoreSourceFiles=false
#ocaml.switchName=
#ocaml.ignoredScopes=none
#ocaml.aggregateModules=true

#bazel.resolveDependencies=false
#bazel.runPrepStep=true

###########################################################################################
# Includes/Excludes Glob patterns - Please use only one exclude line and one include line #
###########################################################################################
includes=**/*.cc **/*.zip **/*.cpp **/*.c **/*.swf **/*.tgz **/*.h **/*.js **/*.hpp **/*.py **/*.gzip **/*.cs **/*.rb **/*.exe **/*.gz **/*.pl **/*.cxx **/*.c++ **/*.hxx **/*.jar **/*.java **/*.go **/*.mod **/*.sum **/*.rb
#includes=**/*.m **/*.mm **/*.js **/*.php
#includes=**/*.jar
#includes=**/*.gem **/*.rb
#includes=**/*.dll **/*.cs **/*.nupkg
#includes=**/*.tgz **/*.deb **/*.gzip **/*.rpm **/*.tar.bz2
#includes=**/*.zip **/*.tar.gz **/*.egg **/*.whl **/*.py

#Exclude file extensions or specific directories by adding **/*.<extension> or **/<excluded_dir>/**
excludes=**/*sources.jar **/*javadoc.jar

case.sensitive.glob=false
followSymbolicLinks=true

######################
# Archive properties #
######################
#archiveExtractionDepth=2
#archiveIncludes=**/*.war **/*.ear
#archiveExcludes=**/*sources.jar

##############
# SCAN MODES #
##############

# Docker images
################
#docker.scanImages=true
#docker.includes=.*.*
#docker.excludes=
#docker.pull.enable=true
#docker.pull.images=.*.*
#docker.pull.maxImages=10
#docker.pull.tags=.*.*
#docker.pull.digest=
#docker.delete.force=true
#docker.login.sudo=false
#docker.projectNameFormat={repositoryNameAndTag|repositoryName|default}
#docker.scanTarFiles=true

#docker.aws.enable=true
#docker.aws.registryIds=

#docker.azure.enable=true
#docker.azure.userName=
#docker.azure.userPassword=
#docker.azure.registryNames=
#docker.azure.authenticationType=containerRegistry
#docker.azure.registryAuthenticationParameters=<registry1UserName>:<registry1Password> <registry2UserName>:<registry2Password>

#docker.gcr.enable=true
#docker.gcr.account=
#docker.gcr.repositories=

#docker.artifactory.enable=true
#docker.artifactory.url=
#docker.artifactory.pullUrl=
#docker.artifactory.userName=
#docker.artifactory.userPassword=
#docker.artifactory.repositoriesNames=
#docker.artifactory.dockerAccessMethod=

#docker.hub.enabled=true
#docker.hub.userName=
#docker.hub.userPassword=
#docker.hub.organizationsNames=

# Docker containers
####################
#docker.scanContainers=true
#docker.containerIncludes=.*.*
#docker.containerExcludes=

# Linux package manager settings
################################
#scanPackageManager=true

# Serverless settings
######################
#serverless.provider=
#serverless.scanFunctions=true
#serverless.includes=
#serverless.excludes=
#serverless.region=
#serverless.maxFunctions=10

# Artifactory settings
########################
#artifactory.enableScan=true
#artifactory.url=
#artifactory.accessToken=
#artifactory.repoKeys=
#artifactory.userName=
#artifactory.userPassword=

##################
# Proxy settings #
##################
#proxy.host=
#proxy.port=
#proxy.user=
#proxy.pass=

################
# SCM settings #
################
#scm.type=
#scm.user=
#scm.pass=
#scm.ppk=
#scm.url=
#scm.branch=
#scm.tag=
#scm.npmInstall=
#scm.npmInstallTimeoutMinutes=
#scm.repositoriesFile=