Skip to content

Commit ef40275

Browse files
authored
Add .whitesource and config files to activate whitesource integration (opensearch-project#165)
* Add .whitesource and config files to trigger whitesource integration Signed-off-by: Zelin Hao <zelinhao@amazon.com> * Remove duplicate code for example config Signed-off-by: Zelin Hao <zelinhao@amazon.com>
1 parent 34009d2 commit ef40275

File tree

2 files changed

+389
-0
lines changed

2 files changed

+389
-0
lines changed

.whitesource

+15
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,15 @@
1+
{
2+
"scanSettings": {
3+
"configMode": "LOCAL",
4+
"configExternalURL": "",
5+
"projectToken": "",
6+
"baseBranches": []
7+
},
8+
"checkRunSettings": {
9+
"vulnerableCheckRunConclusionLevel": "failure",
10+
"displayMode": "diff"
11+
},
12+
"issueSettings": {
13+
"minSeverityLevel": "LOW"
14+
}
15+
}

whitesource.config

+374
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,374 @@
1+
###############################################################
2+
# WhiteSource Unified-Agent configuration file
3+
# WhiteSource User Guide: https://whitesource.atlassian.net/wiki/spaces/WD/pages/34111720/WhiteSource+User+Guide
4+
# WhiteSource Integration with Github.com: https://whitesource.atlassian.net/wiki/spaces/WD/pages/697696422/WhiteSource+for+GitHub.com
5+
# WhiteSource Unified Agent Configurations: https://whitesource.atlassian.net/wiki/spaces/WD/pages/1544880156/Unified+Agent+Configuration+Parameters
6+
###############################################################
7+
# GENERAL SCAN MODE: Files and Package Managers
8+
###############################################################
9+
# Organization vitals
10+
######################
11+
12+
#apiKey='${wss_apikey}'
13+
apiKey=
14+
#userKey is required if WhiteSource administrator has enabled "Enforce user level access" option
15+
#userKey=
16+
#requesterEmail=user@provider.com
17+
18+
projectName=
19+
projectVersion=
20+
projectToken=
21+
#projectTag= key:value
22+
23+
productName=
24+
productVersion=
25+
productToken=
26+
27+
#projectPerFolder=true
28+
#projectPerFolderIncludes=
29+
#projectPerFolderExcludes=
30+
31+
#wss.connectionTimeoutMinutes=60
32+
33+
# Change the below URL to your WhiteSource server.
34+
# Use the 'WhiteSource Server URL' which can be retrieved
35+
# from your 'Profile' page on the 'Server URLs' panel.
36+
# Then, add the '/agent' path to it.
37+
wss.url=https://saas.whitesourcesoftware.com/agent
38+
#wss.url=https://app.whitesourcesoftware.com/agent
39+
#wss.url=https://app-eu.whitesourcesoftware.com/agent
40+
41+
############
42+
# Policies #
43+
############
44+
checkPolicies=false
45+
forceCheckAllDependencies=false
46+
forceUpdate=false
47+
forceUpdate.failBuildOnPolicyViolation=false
48+
#updateInventory=false
49+
50+
###########
51+
# General #
52+
###########
53+
#offline=false
54+
#updateType=APPEND
55+
#ignoreSourceFiles=true
56+
#scanComment=
57+
#failErrorLevel=ALL
58+
#requireKnownSha1=false
59+
60+
#generateProjectDetailsJson=true
61+
#generateScanReport=true
62+
#scanReportTimeoutMinutes=10
63+
#scanReportFilenameFormat=
64+
65+
#analyzeFrameworks=true
66+
#analyzeFrameworksReference=
67+
68+
#updateEmptyProject=false
69+
70+
#log.files.level=
71+
#log.files.maxFileSize=
72+
#log.files.maxFilesCount=
73+
#log.files.path=
74+
75+
########################################
76+
# Package Manager Dependency resolvers #
77+
########################################
78+
#excludeDependenciesFromNodes=.*commons-io.*,.*maven-model
79+
80+
resolveAllDependencies=false
81+
archiveExtractionDepth=7
82+
followSymbolicLinks=true
83+
gradle.resolveDependencies=true
84+
gradle.aggregateModules=true
85+
gradle.preferredEnvironment=wrapper
86+
maven.resolveDependencies=true
87+
maven.runPreStep=true
88+
maven.aggregateModules=true
89+
maven.ignoredScopes=None
90+
html.resolveDependencies=true
91+
npm.resolveDependencies=true
92+
npm.runPreStep=true
93+
npm.yarnProject=true
94+
go.resolveDependencies=true
95+
go.collectDependenciesAtRuntime=true
96+
go.dependencyManager=
97+
python.resolveDependencies=true
98+
python.ignoreSourceFiles=true
99+
python.runPipenvPreStep=true
100+
python.pipenvDevDependencies=true
101+
python.requirementsFileIncludes=dev-requirements.txt
102+
python.installVirtualenv=true
103+
ruby.resolveDependencies=true
104+
ruby.ignoreSourceFiles=false
105+
106+
#npm.resolveDependencies=false
107+
#npm.ignoreSourceFiles=false
108+
#npm.includeDevDependencies=true
109+
#npm.runPreStep=true
110+
#npm.ignoreNpmLsErrors=true
111+
#npm.ignoreScripts=true
112+
#npm.yarnProject=true
113+
#npm.accessToken=
114+
#npm.identifyByNameAndVersion=true
115+
#npm.yarn.frozenLockfile=true
116+
#npm.resolveMainPackageJsonOnly=true
117+
#npm.removeDuplicateDependencies=false
118+
#npm.resolveAdditionalDependencies=true
119+
#npm.failOnNpmLsErrors =
120+
#npm.projectNameFromDependencyFile = true
121+
#npm.resolveGlobalPackages=true
122+
#npm.resolveLockFile=true
123+
124+
#bower.resolveDependencies=false
125+
#bower.ignoreSourceFiles=true
126+
#bower.runPreStep=true
127+
128+
#nuget.resolvePackagesConfigFiles=false
129+
#nuget.resolveCsProjFiles=false
130+
#nuget.resolveDependencies=false
131+
#nuget.restoreDependencies=true
132+
#nuget.preferredEnvironment=
133+
#nuget.packagesDirectory=
134+
#nuget.ignoreSourceFiles=false
135+
#nuget.runPreStep=true
136+
#nuget.resolveNuspecFiles=false
137+
#nuget.resolveAssetsFiles=true
138+
139+
#python.resolveDependencies=false
140+
#python.ignoreSourceFiles=false
141+
#python.ignorePipInstallErrors=true
142+
#python.installVirtualenv=true
143+
#python.resolveHierarchyTree=false
144+
#python.requirementsFileIncludes=requirements.txt
145+
#python.resolveSetupPyFiles=true
146+
#python.runPipenvPreStep=true
147+
#python.pipenvDevDependencies=true
148+
#python.IgnorePipenvInstallErrors=true
149+
#python.resolveGlobalPackages=true
150+
#python.localPackagePathsToInstall=/path/to/local/dependency.egg, /path/to/local/dependency.zip
151+
#python.resolvePipEditablePackages
152+
#python.path=/path/to/python
153+
#python.pipPath=/path/to/pip
154+
#python.runPoetryPreStep=true
155+
#python.includePoetryDevDependencies=true
156+
157+
#maven.ignoredScopes=test provided
158+
#maven.resolveDependencies=false
159+
#maven.ignoreSourceFiles=true
160+
#maven.aggregateModules=true
161+
#maven.ignorePomModules=false
162+
#maven.runPreStep=true
163+
#maven.ignoreMvnTreeErrors=true
164+
#maven.environmentPath=
165+
#maven.m2RepositoryPath=
166+
#maven.downloadMissingDependencies=false
167+
#maven.additionalArguments=
168+
#maven.projectNameFromDependencyFile=true
169+
170+
#gradle.ignoredScopes=
171+
#gradle.resolveDependencies=true
172+
#gradle.runAssembleCommand=true
173+
#gradle.runPreStep=true
174+
#gradle.ignoreSourceFiles=true
175+
#gradle.aggregateModules=true
176+
#gradle.preferredEnvironment=wrapper
177+
#gradle.localRepositoryPath=
178+
#gradle.wrapperPath=
179+
#gradle.downloadMissingDependencies=false
180+
#gradle.additionalArguments=
181+
#gradle.includedScopes=
182+
#gradle.excludeModules=
183+
#gradle.includeModules=
184+
#gradle.includedConfigurations=
185+
#gradle.ignoredConfigurations=
186+
187+
#paket.resolveDependencies=false
188+
#paket.ignoredGroups=
189+
#paket.ignoreSourceFiles=false
190+
#paket.runPreStep=true
191+
#paket.exePath=
192+
193+
#go.resolveDependencies=false
194+
#go.collectDependenciesAtRuntime=true
195+
#go.dependencyManager=
196+
#go.ignoreSourceFiles=true
197+
#go.glide.ignoreTestPackages=false
198+
#go.gogradle.enableTaskAlias=true
199+
200+
#ruby.resolveDependencies=false
201+
#ruby.ignoreSourceFiles=false
202+
#ruby.installMissingGems=true
203+
#ruby.runBundleInstall=true
204+
#ruby.overwriteGemFile=true
205+
206+
#sbt.resolveDependencies=false
207+
#sbt.ignoreSourceFiles=true
208+
#sbt.aggregateModules=true
209+
#sbt.runPreStep=true
210+
#sbt.includedScopes=
211+
212+
#php.resolveDependencies=false
213+
#php.runPreStep=true
214+
#php.includeDevDependencies=true
215+
216+
#html.resolveDependencies=false
217+
218+
#cocoapods.resolveDependencies=false
219+
#cocoapods.runPreStep=true
220+
#cocoapods.ignoreSourceFiles=false
221+
222+
#hex.resolveDependencies=false
223+
#hex.runPreStep=true
224+
#hex.ignoreSourceFiles=false
225+
#hex.aggregateModules=true
226+
227+
#ant.resolveDependencies=false
228+
#ant.pathIdIncludes=.*
229+
#ant.external.parameters=
230+
231+
#r.resolveDependencies=false
232+
#r.runPreStep=true
233+
#r.ignoreSourceFiles=false
234+
#r.cranMirrorUrl=
235+
#r.packageManager=None
236+
237+
#cargo.resolveDependencies=false
238+
#cargo.runPreStep=true
239+
#cargo.ignoreSourceFiles=false
240+
241+
#haskell.resolveDependencies=false
242+
#haskell.runPreStep=true
243+
#haskell.ignoreSourceFiles=false
244+
#haskell.ignorePreStepErrors=true
245+
246+
#ocaml.resolveDependencies=false
247+
#ocaml.runPrepStep=true
248+
#ocaml.ignoreSourceFiles=false
249+
#ocaml.switchName=
250+
#ocaml.ignoredScopes=none
251+
#ocaml.aggregateModules=true
252+
253+
#bazel.resolveDependencies=false
254+
#bazel.runPrepStep=true
255+
256+
###########################################################################################
257+
# Includes/Excludes Glob patterns - Please use only one exclude line and one include line #
258+
###########################################################################################
259+
includes=**/*.cc **/*.zip **/*.cpp **/*.c **/*.swf **/*.tgz **/*.h **/*.js **/*.hpp **/*.py **/*.gzip **/*.cs **/*.rb **/*.exe **/*.gz **/*.pl **/*.cxx **/*.c++ **/*.hxx **/*.jar **/*.java **/*.go **/*.mod **/*.sum **/*.rb
260+
#includes=**/*.m **/*.mm **/*.js **/*.php
261+
#includes=**/*.jar
262+
#includes=**/*.gem **/*.rb
263+
#includes=**/*.dll **/*.cs **/*.nupkg
264+
#includes=**/*.tgz **/*.deb **/*.gzip **/*.rpm **/*.tar.bz2
265+
#includes=**/*.zip **/*.tar.gz **/*.egg **/*.whl **/*.py
266+
267+
#Exclude file extensions or specific directories by adding **/*.<extension> or **/<excluded_dir>/**
268+
excludes=**/*sources.jar **/*javadoc.jar
269+
270+
case.sensitive.glob=false
271+
followSymbolicLinks=true
272+
273+
######################
274+
# Archive properties #
275+
######################
276+
#archiveExtractionDepth=2
277+
#archiveIncludes=**/*.war **/*.ear
278+
#archiveExcludes=**/*sources.jar
279+
280+
##############
281+
# SCAN MODES #
282+
##############
283+
284+
# Docker images
285+
################
286+
#docker.scanImages=true
287+
#docker.includes=.*.*
288+
#docker.excludes=
289+
#docker.pull.enable=true
290+
#docker.pull.images=.*.*
291+
#docker.pull.maxImages=10
292+
#docker.pull.tags=.*.*
293+
#docker.pull.digest=
294+
#docker.delete.force=true
295+
#docker.login.sudo=false
296+
#docker.projectNameFormat={repositoryNameAndTag|repositoryName|default}
297+
#docker.scanTarFiles=true
298+
299+
#docker.aws.enable=true
300+
#docker.aws.registryIds=
301+
302+
#docker.azure.enable=true
303+
#docker.azure.userName=
304+
#docker.azure.userPassword=
305+
#docker.azure.registryNames=
306+
#docker.azure.authenticationType=containerRegistry
307+
#docker.azure.registryAuthenticationParameters=<registry1UserName>:<registry1Password> <registry2UserName>:<registry2Password>
308+
309+
#docker.gcr.enable=true
310+
#docker.gcr.account=
311+
#docker.gcr.repositories=
312+
313+
#docker.artifactory.enable=true
314+
#docker.artifactory.url=
315+
#docker.artifactory.pullUrl=
316+
#docker.artifactory.userName=
317+
#docker.artifactory.userPassword=
318+
#docker.artifactory.repositoriesNames=
319+
#docker.artifactory.dockerAccessMethod=
320+
321+
#docker.hub.enabled=true
322+
#docker.hub.userName=
323+
#docker.hub.userPassword=
324+
#docker.hub.organizationsNames=
325+
326+
# Docker containers
327+
####################
328+
#docker.scanContainers=true
329+
#docker.containerIncludes=.*.*
330+
#docker.containerExcludes=
331+
332+
# Linux package manager settings
333+
################################
334+
#scanPackageManager=true
335+
336+
# Serverless settings
337+
######################
338+
#serverless.provider=
339+
#serverless.scanFunctions=true
340+
#serverless.includes=
341+
#serverless.excludes=
342+
#serverless.region=
343+
#serverless.maxFunctions=10
344+
345+
# Artifactory settings
346+
########################
347+
#artifactory.enableScan=true
348+
#artifactory.url=
349+
#artifactory.accessToken=
350+
#artifactory.repoKeys=
351+
#artifactory.userName=
352+
#artifactory.userPassword=
353+
354+
##################
355+
# Proxy settings #
356+
##################
357+
#proxy.host=
358+
#proxy.port=
359+
#proxy.user=
360+
#proxy.pass=
361+
362+
################
363+
# SCM settings #
364+
################
365+
#scm.type=
366+
#scm.user=
367+
#scm.pass=
368+
#scm.ppk=
369+
#scm.url=
370+
#scm.branch=
371+
#scm.tag=
372+
#scm.npmInstall=
373+
#scm.npmInstallTimeoutMinutes=
374+
#scm.repositoriesFile=

0 commit comments

Comments
 (0)