Skip to main content
Skip table of contents

Mend Integration Containers

Overview

The Mend Repo Integrations are self-hosted Integrations. This means customers host the integration containers in their own environment. The Mend Repo Integrations consists of three containers: a controller container, a scanner container, and a remediate container. This article provides details about the three container types.

How the Mend Integration Containers Work

The Controller Container listens to webhooks from supported version control systems such as GitHub Enterprise, GitLab, and Bitbucket Server and Data Center. The Controller Container is responsible for the following tasks:

  • Onboarding PRs

  • Mend Security Check-runs

  • Mend Code Security Check-runs

  • Creating Issues

  • checks queue health

  • Monitors connectivity with the Mend servers

  • Communicates with the Mend servers via API to pull scan data from the shadow org.

The Scanner Container, also known as the SCM Scanner, is responsible for the following tasks:

  • Pulling scan requests from the scanner queue

  • Cloning the repo

  • Running the Unified Agent, PSB, and SAST CLI

  • Sending the update request to the Mend servers for indexing.

The Remediate Container, by default, entails the Remediate Server. The Remediate Server does all tasks related to Remediate and Renovate, including:

  • The scheduler

  • Job queue

  • Webhook handling

  • Create Remediate PRs for vulnerability fixes

  • Create Renovate PRs for update fixes

However, you can build out Remediate horizontally. By default, the same Remediate Docker image is used for both Server and Worker functionality.

When scaled horizontally:

  • One Remediate Server container and separate Remediate Worker container(s) (encapsulated by the “Remediate container" term) are used.

  • The Remediate Worker(s) cover processing the repositories and Renovate. You can have multiple Remediate Workers.

  • The Remediate Server still covers the scheduler, job queue, and webhook handling

Reference

For more information on supported repo integrations, refer to the following articles:

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.