Use CircleCI version 2.1 at the top of your .circleci/config.yml file.
1
version: 2.1
Add the orbs
stanza below your version, invoking the orb:
1
2
orbs:
whitesource-scan: whitesource/whitesource-scan@21.6.3
Use whitesource-scan
elements in your existing workflows and jobs.
Opt-in to use of uncertified orbs on your organization’s Security settings page.
PARAMETER | DESCRIPTION | REQUIRED | DEFAULT | TYPE |
---|---|---|---|---|
api_key | Unique identifier of the organization. Can be retrieved from the admin page in your WhiteSource account. | No | ${API_KEY} | string |
directory | Comma separated list of directories and / or files to scan. | No | . | string |
config_file_path | Configuration file name (including file path). | No | whitesource-fs-agent.config | string |
commands_file_path | install commands file (including file path) | No | install_commands.sh | string |
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
# This code is licensed from CircleCI to the user under the MIT license.
# See here for details: https://circleci.com/developer/orbs/licensing
version: 2.1
description: "The orb integrates WhiteSource Unified Agent, a tool for detecting security vulnerabilities and compliance data related to open source components. For more information: https://whitesource.atlassian.net/wiki/spaces/WD/pages/804814917/Unified+Agent+Overview"
display:
home_url: https://www.whitesourcesoftware.com
source_url: https://github.com/whitesource/whitesource_orb
executors:
java:
description: The docker container to run java commands
docker:
- image: whitesourcesoftware/ua-base:v2
jobs:
scan:
executor: java
parameters:
api_key:
description: Unique identifier of the organization. Can be retrieved from the admin page in your WhiteSource account.
type: string
default: "${API_KEY}"
directory:
description: Comma separated list of directories and / or files to scan.
type: string
default: "."
config_file_path:
description: Configuration file name (including file path).
type: string
default: "whitesource-fs-agent.config"
commands_file_path:
description: install commands file (including file path)
type: string
default: "install_commands.sh"
steps:
- checkout
- run:
command: |
if [[ -z "<< parameters.api_key >>" ]]; then
echo "API_KEY has not been set, please set it up in the project environment variables since its mandatory"
exit 1
else
if [[ -f << parameters.commands_file_path >> ]]
then
echo "Executing file: install_commands.sh"
echo ""
chmod +x << parameters.commands_file_path >>
./<< parameters.commands_file_path >>
fi
bash <(curl -s -L https://raw.githubusercontent.com/whitesource/unified-agent-distribution/master/standAlone/wss_agent_orb.sh) -apiKey << parameters.api_key >> -c << parameters.config_file_path >> -d << parameters.directory >>
fi