Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/elgohr/concourse-blackduck
This is a Concourse resource for Blackduck
https://github.com/elgohr/concourse-blackduck
blackduck blackducksoftware concourse concourse-ci concourse-resource security-scanner
Last synced: 16 days ago
JSON representation
This is a Concourse resource for Blackduck
- Host: GitHub
- URL: https://github.com/elgohr/concourse-blackduck
- Owner: elgohr
- License: apache-2.0
- Created: 2019-04-11T19:13:39.000Z (over 5 years ago)
- Default Branch: main
- Last Pushed: 2024-09-04T23:38:15.000Z (2 months ago)
- Last Synced: 2024-10-10T18:46:47.533Z (about 1 month ago)
- Topics: blackduck, blackducksoftware, concourse, concourse-ci, concourse-resource, security-scanner
- Language: Go
- Size: 200 KB
- Stars: 6
- Watchers: 2
- Forks: 0
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
README
# Concourse Blackduck Resource
[](https://github.com/elgohr/concourse-blackduck/actions)
[](https://github.com/elgohr/concourse-blackduck/actions)
This is a [Concourse](https://concourse-ci.org/) resource for [Blackduck](https://www.blackducksoftware.com).
## Installing
`Shortcut`: [Pipeline example](https://github.com/elgohr/concourse-blackduck/blob/master/example-pipeline.yml)
Use this resource by adding the following to
the `resource_types` section of a pipeline config:
```yaml
resource_types:
- name: blackduck
type: registry-image
source:
repository: lgohr/blackduck-resource
tag: latest
```
## Source configuration
Configure as follows:
```yaml
resources:
- name: my-blackduck
type: blackduck
source:
url: https://my.blackduck.server
username: ((my-secret-username))
password: ((my-secret-password))
name: myScanProject
```
| Argument | Mandatory | Description |
|-----------------|-------------------------|--------------------------------------------------------------------------------------------|
| `url` | *Mandatory* | URL of your Blackduck instance e.g. `https://my-synopsys.com/blackduck`. |
| `name` | *Mandatory* | Project name in Blackduck. |
| `username` | *Mandatory* | Username, which is used to authenticate on Blackduck. |
| `password` | *Mandatory* | Password, which is used to authenticate on Blackduck. |
| `insecure` | *Optional* | In case your Blackduck uses a self-signed certificate, it's pinned with the first request. |
| `proxy-host` | *Optional* | In case your Concourse needs to use a proxy to connect to Blackduck. |
| `proxy-port` | *Optional* | In case your Concourse needs to use a proxy to connect to Blackduck. |
| `proxy-username`| *Optional* | In case your Concourse needs to use a proxy to connect to Blackduck. |
| `proxy-password`| *Optional* | In case your Concourse needs to use a proxy to connect to Blackduck. |
It seems like Blackduck doesn't support Tokens for API-Access (in the scanner it would work fine).
As the configuration should be clean and understandable, the token is not supported. Sorry.
## `in`: Get Results
The resource will provide the latest version changes on Blackduck as a file for later use.
## `out`: Analysis
The resource will analyse your provided content and push it to the provided Blackduck instance.
### Parameters
```yaml
- put: my-blackduck
params: {directory: source-code}
```
* `directory`: *Required.* The path of the repository to analyze.