Skip to main content
Skip table of contents

Configure Mend for GitHub.com Code Source

Overview

Mend for GitHub.com Code Source offers several parameters to configure its functionality.

Getting it done

Configuration at the local repository level is done via the .whitesource file. To set up your configuration file for Code Source, see the Repository Parameters section provided in this documentation. Below is an example of fine-tuning Code Source within a repository’s .whitesource file:

CODE
{ 
  "scanSettings": {
    "baseBranches": ["development"]
  },
  "imageSettings": {
    "imageTracing": {
        "enableImageTracingPR": true,
        "addDockerfilePath": true,
        "addRepositoryCoordinates": true
    }
  }
}

Note: For global configuration, parameters are set via the repo-config.json file. See our Set up a global configuration for Mend for GitHub.com documentation for more information.

Reference

Repository Parameters

The parameters provided in this article are necessary to properly configure the Code Source feature.

Note: For the full set of Mend for GitHub.com configurations across our other solutions, visit the relevant documentation below:

Scan Settings (scanSettings)

Parameter

Type

Description

baseBranches

Array

Optional. Default Value: Your GitHub.com "default" branch. Adds the ability to specify one or more base branches for which scanning results will be sent to a new Mend project.

Example usage: 

CODE
"baseBranches": ["master", “integration"]

This will set both master and integration branches as base branches.

Note:

  • An Issue will only be created for the specified branch names.

  • For each specified branch, a Mend project will be created in the Mend SCA application. The name of the project will contain a suffix "_branchname". For example, MyApp_dev. This suffix will not apply to the default branch.

Container image settings (imageSettings)

Parameter

Type

Description

imageTracing.enableImageTracingPR

Boolean

Optional. Default Value: false. The available parameter values are:

  • true - Activate the Dockerfile labeling. This parameter is required if the addDockerfilePath and/or addRepositoryCoordinates parameters are set to true.

  • false - Disable the Dockerfile labeling

imageTracing.addDockerfilePath

Boolean

Optional. Default Value: false. The available parameter values are:

  • true - Add the relative path of the Dockerfile within the repository as a label in the Dockerfile

  • false - Do not include the relative path of the Dockerfile within the repository as a label in the Dockerfile

The format of the Dockerfile label is:

CODE
LABEL io.mend.image.dockerfile.path=

imageTracing.addRepositoryCoordinates

Boolean

Optional. Default Value: false. The available parameter values are:

  • true - Adding the repository URL as a label in the Dockerfile

  • false - Do not add the repository URL as a label in the Dockerfile

The format of the Dockerfile label is:

CODE
LABEL org.opencontainers.image.source=

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.