Skip to main content
Skip table of contents

Understand the results of Mend for GitHub Enterprise Code Source

Once Mend for GitHub Enterprise Code Source completes, individual pull requests (PR) are created for each Dockerfile that does not already contain the Code Source labels.

Note:

  • If the labels are removed, on the next push event, Mend for GitHub Enterprise Code Source will recheck your Dockerfiles and open a new PR accordingly to re-add them.

  • Mend for GitHub Enterprise Code Source PR applies the labels at the end of your Dockerfile, ensuring your container image build process is not disrupted later on.

Reference

Mend for GitHub Enterprise Code Source pull request

The Code Source pull request (PR) will initiate from a branch named mend/container-labels-{md5 of the docker file path}.

The title of the Code Source PR will be “Create container traceability labels for <path_to_Dockerfile>"

You can then merge this PR into your base branch, adding the labels to the relevant Dockerfile.

Code Source results in the Mend Application

Note:

  • This entire section is only applicable for the Legacy SCA Application.

  • To access the Cloud Native UI, you must have organization administrator permissions for your Mend organization.

Once the Code Source PR is merged, in collaboration with implementing the Mend CLI into your pipeline and scanning your built container image with the Mend CLI, your Code Source results will appear in the Mend Application → Cloud Native UI.

Images dashboard - At-a-glance

Within the Mend Application:

  1. Navigate to the Cloud Native UI:

  2. Click on the Images dashboard:

In the Images dashboard, you can see the name of the source repository that was added via the org.opencontainers.image.source label from Code Source. This value is within the Source Repository column of the Images dashboard table:

Images dashboard - Individual image details

Within the Mend Application:

  1. Navigate to the Cloud Native UI:

  2. Click on the Images dashboard:

  3. Select a specific image to pull up its Image Details sidebar and click on the “<<“ icon to pull up the full details view of the image:

In the Images details, you can see:

  1. Docker file: The directory path to the image’s Dockerfile within the repository. This is associated with the io.mend.image.dockerfile.path label from Code Source.

  2. Repository: The Repository URL of the image. This is associated with the org.opencontainers.image.source label from Code Source.

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close