Skip to end of metadata
Go to start of metadata

General Information

This plugin integrates Artifactory Artifacts with WhiteSource.

The Artifactory plugin adds additional information to the Artifactory artifacts.  

Once invoked, all the artifacts on your Artifactory will be in analyzed by WhiteSource.

  • Policies will be enforced and policy details will be added to the artifacts property tab, WSS-Acrion (Approve/Reject) and WSS-Policy-Details.
  • Additional data for each artifact will be added to the property tab: WSS-Licenses, WSS-Description, WSS-Homepage and WSS-Vulnerabilities.

The plugin is licensed under the Apache 2.0 license.

Note: The plugin scans repositories with no more than 10000 artifacts.

How It Works

The Artifactory plugin works in two modes:

  1. Cron based job - when invoked, repositories artifacts will be checked in WhiteSource and additional data will be added to the property tab of each artifact.
  2. Adding new Artifact - when uploaded, new artifact will be checked in WhiteSource. Policies will be checked and additional data will be added to the property tab of the artifact.

Installation

Download

Download the latest version.

VersionFileFeaturesRelease DateMD5
1.0.1.2whitesource-artifactory-plugin-1.0.1.2.zip Split vulnerability link and severity into 2 lines.2016-07-17FA1BE663ED9A0526237ED1B03D97ADCC
1.0.1.1whitesource-artifactory-plugin-1.0.1.1.zipBug fixes. rename properties file.2016-05-03272692C2CD8C04DA0BE3E9858248A717
1.0.1whitesource-artifactory-plugin-1.0.1.zipAdd setup.groovy file to automatically install dependencies.2016-04-27D2BA5AC9B45EEEA144BA324924BB1C85
1.0.0whitesource-artifactory-plugin-1.0.0.zipCheck Policies and Add additional data to the Artifact property tab.2016-04-07e2654abeb61162044495e49e6845eb2e

GitHub Repository

Installation

  1. Download the zip file.
  2. Extract the zip file. 
  3. Put the whitesource-artifactory-plugin.properties and whitesource-artifactory-plugin.groovy files under ../path/to/your/artifactory/etc/plugins/
  4. Create 'lib' folder under  .../path/to/your/artifactory/etc/plugins/lib 
  5. Download the latest version of the following jars and put them in the lib folder
    wss-agent-report
    wss-agent-api-client
    wss-agent-api
  6. Schedule the job in whitesource-artifactory-plugin.groovy file.
  7. Restart Artifactory.

 

Cron Scheduling Example:

Open the whitesource-artifactory-plugin.groovy file in a txt editor and go to the "jobs" section.

Find row similar to this:  updateRepoWithWhiteSource(cron"* * * * * ?")  and schedule the job to a specific running time.

Cron parameters (from left to right) :

1 - seconds, 2 - Minutes, 3 - Hours, 4 - Day-of-Month, 5 - Month, 6 - Day-of-Week, 7 - Year (optional field).

Examples:

"0 42 10 * * ?" - Build a trigger that will fire daily at 10:42 am.

"0 0/2 8-17 * * ?" - Build a trigger that will fire every other minute, between 8am and 5pm, every day. 


Properties file example:

Properties File

Configuration

General Parameters

AttributeTypeDescriptionRequiredAdditional Information
apiKeyStringUnique identifier of the organization, can be retrieved from the admin page in your WhiteSource account.Yes 
checkPoliciesbooleanWhether or not to send the check policies request to WhiteSource.No 
repoKeys
Array

The list of the repositories to scan.

Yes 
wss.urlStringURL to send the request to.No, defaults to https://saas.whitesourcesoftware.com/agent 
Labels
  • None