ws-nexus-integration is a command line tool to scan Nexus repositories.
This tool can be deployed either on the Nexus host or on a separate machine that has access to the Nexus instance.
Supported formats: maven2, npm, pypi, rubygems, nuget, docker and raw.
- Nexus Repository Manager 3.x (any edition)
- Java VM > 8
- Docker
- Python 3.7 or above
- Install ws-nexus-integration:
pip install ws-nexus-integration - Download and edit params.config (available on git)
- Execute
ws_nexus_integration <path/to/params.config>
===================================================================================================================
| Group | Parameter | Description |
===================================================================================================================
| Nexus Settings | NexusBaseUrl | Nexus instance base URL (Default: http://localhost:8081) |
-------------------------------------------------------------------------------------------------------------------
| Nexus Settings | NexusAuthToken | Nexus auth token (base64 encoded) |
-------------------------------------------------------------------------------------------------------------------
| Nexus Settings | NexusUser | Nexus username. Required if NexusAuthToken is not specified |
-------------------------------------------------------------------------------------------------------------------
| Nexus Settings | NexusPassword | Nexus password. Required if NexusAuthToken is not specified |
-------------------------------------------------------------------------------------------------------------------
| Nexus Settings | NexusRepositories | Comma-separated list of repository names to scan. |
-------------------------------------------------------------------------------------------------------------------
| General Settings | NexusExcludedRepos| Comma-separated list of repository names to excluded from scan. |
| | itories | |
-------------------------------------------------------------------------------------------------------------------
| General Settings | NexusDockerRepos | In case of docker repository , |
| | ImagesIncludes | Comma-separated regex list of images expressions to be included |
-------------------------------------------------------------------------------------------------------------------
| Nexus Settings | NexusAltDocker | Allow specifying specific registry URL (host:port) to download docker|
| | RegistryAddress | images (i.e, when registry is under NAT due to Nexus K8S deployment).|
===================================================================================================================
| WhiteSource Settings | WSApiKey | WhiteSource API Key, can be found under the 'Integrate' tab in your |
| | | WhiteSource organization. |
-------------------------------------------------------------------------------------------------------------------
| WhiteSource Settings | WSUserKey | WhiteSource User Key, can be found under the 'user profile' tab in |
| | | your WhiteSource organization. |
-------------------------------------------------------------------------------------------------------------------
| WhiteSource Settings | WSProductName | The WhiteSource product that will aggregate all scanned repositories.|
-------------------------------------------------------------------------------------------------------------------
| WhiteSource Settings | WSCheckPolicies | Whether to enable WhiteSource policy check for scanned repositories. |
-------------------------------------------------------------------------------------------------------------------
| WhiteSource Settings | WSLang | (Optional) allow passing a comma seperated list of suffices of |
| | | artifacts to scan in Docker (default: empty). |
-------------------------------------------------------------------------------------------------------------------
| WhiteSource Settings | WSUrl | WhiteSource server URL, can be found under the 'Integrate' tab in |
| | | your WhiteSource organization. |
===================================================================================================================
-------------------------------------------------------------------------------------------------------------------
| General Settings | ThreadCount | Multi-threading speeds up the scan preperation phase, but it depends |
| | | on your environment capabilities (default: 5). |
===================================================================================================================
=================================================================================================
| Code | Message | Description |
=================================================================================================
| 0 | SUCCESS | |
-------------------------------------------------------------------------------------------------
| 1 | FAILED | Prerequisites, configuration or general errors |
-------------------------------------------------------------------------------------------------
| -1 | ERROR | WhiteSource scan general error |
-------------------------------------------------------------------------------------------------
| -2 | POLICY_VIOLATION | WhiteSource policy violation |
-------------------------------------------------------------------------------------------------
| -3 | CLIENT_FAILURE | WhiteSource scan client side error |
-------------------------------------------------------------------------------------------------
| -4 | CONNECTION_FAILURE | WhiteSource agent failed to connect to the application server. |
-------------------------------------------------------------------------------------------------
| -5 | SERVER_FAILURE | WhiteSource scan server side error |
=================================================================================================