Google Container Registry Docker Integration
Overview
This topic provides instructions on how to integrate the Google Container Registry Docker with the Unified Agent.
Prerequisites
An authorized account to Google Cloud
Cloud SDK installed with the authorized account to Google Cloud
Docker installed
The relevant package manager must be installed. For details, see https://docs.mend.io/legacy-sca/latest/getting-started-with-the-unified-agent#GettingStartedwiththeUnifiedAgent-Prerequisites .
Make sure Google Cloud SDK is your docker helper. If you didn't run it before, you can do that with the command
gcloud auth configure-dockerGoogle Container Registry API in Cloud Console is enabled, and you can pull images from Google Container Registry
User is already logged in the account in order to have access to cloud repositories:
gcloud auth login
Download Unified Agent & Configuration File
Notice on periodically fetching the Unified Agent
It is advised to use the below commands only once a week to download the latest version of the Unified Agent for performance reasons and not as part of every build. You can do this using a scheduler task, such as cron.
Use the following options to download the latest version of the Mend Unified Agent JAR file and configuration file to your local host.
Windows Using CURL
Download CURL, and add it to your PATH environment variable.
Open a new command prompt.
Run the following commands:
Windows Using CURL
JAVAcurl -LJO "https://github.com/whitesource/unified-agent-distribution/releases/latest/download/wss-unified-agent.jar" curl -LJO "https://github.com/whitesource/unified-agent-distribution/raw/master/standAlone/wss-unified-agent.config"
Windows Using PowerShell
Open a new command prompt.
Run the following commands:
Windows Using PowerShell
JAVApowershell bitsadmin /transfer mydownload /dynamic /download /priority FOREGROUND https://github.com/whitesource/unified-agent-distribution/releases/latest/download/wss-unified-agent.jar $pwd\wss-unified-agent.jar powershell bitsadmin /transfer mydownload /dynamic /download /priority FOREGROUND https://github.com/whitesource/unified-agent-distribution/raw/master/standAlone/wss-unified-agent.config $pwd\wss-unified-agent.configNOTE: If you want to use PowerShell on Windows, ensure that Background Intelligent Transfer Service (BITS) is enabled.
Windows - Manual Download
Download the following files manually using your web browser or any other download manager:
Linux/Unix
Run the following commands from the Linux/Unix bash prompt :
Linux/Unix Using CURL
curl -LJO "https://github.com/whitesource/unified-agent-distribution/releases/latest/download/wss-unified-agent.jar"
curl -LJO "https://github.com/whitesource/unified-agent-distribution/raw/master/standAlone/wss-unified-agent.config"Update Configuration File
Update the configuration file (wss-unified-agent.config) that you previously downloaded in according to your specific requirements.
Enable the relevant lines by removing the '#' symbol at the beginning of the lines.
Related Parameters
Parameter | Input | Default Value | Description |
|---|---|---|---|
docker.gcr.enable | true or false | false | Enable/Disable google container registry resolving. |
docker.gcr.account | account mail | Empty String | Not mandatory. Specifies which account to set active and work on, cloud SDK can have multiple logged in accounts but may have only one active. |
docker.gcr.repositories | Host-Name/Project-Id | Empty List | A list of repositories separated by comma. If empty, it will use the default repository. Example value: |
Run the Unified Agent
Run the Unified Agent with the modified configuration file via this command:
Run FSA
java -jar wss-unified-agent.jar -apiKey xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxx -c wss-unified-agent.configScanning Information
The scanner saves your required images and scans all the file system and installed packages. It scans all the image layers, and handles archive files in the layers based on the value in the property 'archiveExtractionDepth'.
The Docker image is saved to the temporary directory defined in your environment and is deleted immediately after the scan.
The scanning results are presented in a new Mend project identified by the name of the image in the following format: <image id> <repository> <tag>. The project is created in the Mend product specified in the configuration file or command line.