Skip to main content
Skip table of contents

Build and Deploy the Mend for GitHub Enterprise container images

Overview

The Mend for GitHub Enterprise integration uses 3 containers: a controller container, a scanner container, and a remediate container. This article provides details and instructions for building the images needed to create and deploy the 3 container types.

Getting it Done

Build and Tag the Docker Images

There are three different ways of building the Docker images.

IMPORTANT: By default, a total of three images will be built: wss-ghe-app, wss-scanner, and wss-remediate.

1. Using an Executable Script File

The suggested way to build all the Docker images is by running the build.bat or build.sh executable script file (Windows/Linux).
Both files are located in the root of the extracted agent-4-github-enterprise-<version>.zip or agent-4-github-enterprise-<version>.tar.gz files.

Windows

  1. Run build.bat file which is located in the main folder where you extracted the agent-4-github-enterprise zip file.

  2. In order to ensure that the build succeeded, run docker images command and check if wss-ghe-app and wss-scanner and wss-remediate images were created.

Linux

  1. Run the build.sh file, located in the main folder where you extracted the agent-4-github-enterprise tar.gz file.

  2. In order to ensure that the build succeeded, run the docker images command and check if wss-ghe-app and wss-scanner and wss-remediate images were created.

2. Manually Build the Images

IMPORTANT: If you have already run the build file, please skip these steps and continue to Target machine: Run the Images.

IMPORTANT: If you haven’t completed the preparations for a dedicated SAST container you will need to build it manually.

In case you want to run the steps of the build file manually, you can run the following commands directly:

NONE
docker build -t wss-ghe-app:<version> wss-ghe-app/docker
docker build -t wss-scanner:<version> wss-scanner/docker
docker build -t wss-remediate:<version> wss-remediate/docker

# For dedicated sast: replace "wss-scanner-sast" with the directory 
# with the modified Dockerfile
docker build -t wss-scanner-sast:<version> wss-scanner-sast/docker

# For example:
docker build -t wss-ghe-app:19.5.2 wss-ghe-app/docker
docker build -t wss-scanner:19.5.2 wss-scanner/docker
docker build -t wss-scanner-sast:19.5.2 wss-scanner-sast/docker
docker build -t wss-remediate:19.5.2 wss-remediate/docker

NOTE: From version 21.5.1, the Remediate Docker file supports both Ubuntu 18.04 and Ubuntu 20.04-compatible images. The base image can be changed using the BASE_IMAGE build argument. e.g.

CODE
docker build --build-arg BASE_IMAGE=ubuntu:18.04 -t wss-remediate:21.5.1 wss-remediate/docker

3. Using a Docker Registry

If you are using a private Docker Registry, run the following commands to push the images into your registry:

CODE
docker push <registry>/wss-scanner:<version>
docker push <registry>/wss-scanner:<version>
docker push <registry>/wss-remediate:<version>

# For dedicated sast: rename "wss-scanner-sast" to what your
# dedicated sast image is named.
docker push <registry>/wss-scanner-sast:<version>

# For example:
docker push my-registry/wss-scanner:19.5.2
docker push my-registry/wss-scanner:19.5.2
docker push my-registry/wss-scanner-sast:19.5.2
docker push my-registry/wss-remediate:19.5.2

After executing the commands, you should be able to view the images in your registry.

Next Steps after building the Mend for GitHub Enterprise container images

After successfully building the container images, you are ready to deploy them. We provide instructions for two deployment methods:

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.