This is a Concourse resource for Blackduck.
Shortcut: Pipeline example
Use this resource by adding the following to
the resource_types section of a pipeline config:
resource_types:
- name: blackduck
type: registry-image
source:
repository: lgohr/blackduck-resource
tag: latestConfigure as follows:
resources:
- name: my-blackduck
type: blackduck
source:
url: https://my.blackduck.server
username: ((my-secret-username))
password: ((my-secret-password))
name: myScanProject| Argument | Mandatory | Description |
|---|---|---|
url |
Mandatory | URL of your Blackduck instance e.g. https://my-synopsys.com/blackduck. |
name |
Mandatory | Project name in Blackduck. |
username |
Mandatory | Username, which is used to authenticate on Blackduck. |
password |
Mandatory | Password, which is used to authenticate on Blackduck. |
insecure |
Optional | In case your Blackduck uses a self-signed certificate, it's pinned with the first request. |
proxy-host |
Optional | In case your Concourse needs to use a proxy to connect to Blackduck. |
proxy-port |
Optional | In case your Concourse needs to use a proxy to connect to Blackduck. |
proxy-username |
Optional | In case your Concourse needs to use a proxy to connect to Blackduck. |
proxy-password |
Optional | In case your Concourse needs to use a proxy to connect to Blackduck. |
It seems like Blackduck doesn't support Tokens for API-Access (in the scanner it would work fine).
As the configuration should be clean and understandable, the token is not supported. Sorry.
The resource will provide the latest version changes on Blackduck as a file for later use.
The resource will analyse your provided content and push it to the provided Blackduck instance.
- put: my-blackduck
params: {directory: source-code}directory: Required. The path of the repository to analyze.