Note

This solution is no longer supported with the general availability of GitHub Actions. Synopsys recommends evaluating the Synopsys Detect GitHub Action to determine if it's a better solution than the Black Duck GitHub Pull Request Scanner (GHPRS). As GitHub Actions become more prevalent, Synopsys will begin to take steps to deprecate GHPRS. Email partner-solutions@synopsys.com with any questions or opinions.


Version 1.0.2

Table of Contents

Overview

...

  1. In a Bash shell, navigate to the setup directory in the directory where you cloned the repository.
  2. Copy a PKCS12 trust store file as keys/ui/keystore.p12.
    To generate a self-signed key, run the following command:

    keytool -genkey -alias hub-scm -storetype PKCS12 -keyalg RSA -keysize 2048 -keystore keys/ui/keystore.p12 -validity 36500


  3. Respond to the prompts, and make a note of the password because you use it in the next step.
  4. Add the following command to your shell environment, and substitute mypassword with the password from step 3.

    export UI_STARTUP_OPTS="-Dserver.ssl.key-store=/opt/keys/keystore.p12 -Dserver.ssl.key-store-password=mypassword -Dserver.ssl.keyStoreType=PKCS12 -Dserver.ssl.keyAlias=hub-scm"


  5. Restart the application by running the following commands:
    ./shutdown.sh followed by ./startup.sh
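
A preflight check for steps 2 through 4, run from the setup directory before the restart in step 5. This is an added example, not part of the product or the original page; the function names `opt_value` and `preflight` are hypothetical, and it assumes keys/ui/keystore.p12 is the file the application reads as /opt/keys/keystore.p12.

```shell
# Added example (not from the product): preflight for the HTTPS settings.
# Assumption: keys/ui/ on the host is what the application sees as /opt/keys/.

# Print the value of one -Dname=value option from $UI_STARTUP_OPTS.
opt_value() (
  for tok in $UI_STARTUP_OPTS; do
    case $tok in
      "-D$1="*) printf '%s\n' "${tok#*=}"; return 0 ;;
    esac
  done
  return 1
)

# Return 0 if the options and the keystore agree, 1 otherwise.
# $1: host-side keystore path (defaults to the path from step 2).
preflight() (
  ks=${1:-keys/ui/keystore.p12}; rc=0
  pw=$(opt_value server.ssl.key-store-password) ||
    { echo "FAIL: key-store-password not set"; rc=1; }
  ks_alias=$(opt_value server.ssl.keyAlias) ||
    { echo "FAIL: keyAlias not set"; rc=1; }
  [ "$(opt_value server.ssl.keyStoreType)" = PKCS12 ] ||
    { echo "FAIL: keyStoreType is not PKCS12"; rc=1; }
  [ "$pw" != mypassword ] ||
    { echo "FAIL: placeholder password was not substituted"; rc=1; }
  [ -s "$ks" ] || { echo "FAIL: $ks is missing or empty"; return 1; }
  # The keystore holds the TLS private key: flag group/other read access.
  if [ -n "$(find "$ks" \( -perm -040 -o -perm -004 \))" ]; then
    echo "WARN: $ks is readable by group or other"
  fi
  if [ "$rc" -eq 0 ] && command -v keytool >/dev/null 2>&1; then
    # -storepass:env keeps the password out of the process argument list.
    KS_PW=$pw keytool -list -keystore "$ks" -storetype PKCS12 \
      -storepass:env KS_PW -alias "$ks_alias" >/dev/null 2>&1 ||
      { echo "FAIL: cannot open $ks or alias '$ks_alias' is absent"; rc=1; }
  elif [ "$rc" -eq 0 ]; then
    echo "SKIP: keytool not on PATH, keystore contents not checked"
  fi
  return "$rc"
)
```

With UI_STARTUP_OPTS exported as in step 4, `preflight && ./shutdown.sh && ./startup.sh` restarts only when the checks pass.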

...

  1. On the navigation bar, click SCMs.
    An empty list of SCMs displays.
  2. Click New to open the Add repository screen, and then complete the following fields:
    • Name: friendly name for this SCM repository.
    • API Token: this token enables the Black Duck GHPRS to check GitHub for pull requests.
      Get a personal use token by logging into a GitHub account with permissions to access the relevant repositories.
      Then, complete the process for Creating a personal access token for the command line.
      • If only public repositories are monitored, the repo:status scope is sufficient.
      • If private repositories are monitored, the token must be granted the entire repo scope.
    • API Endpoint: If you use github.com, use the default value (https://api.github.com).
      If you use GitHub Enterprise on a private host, the API endpoint is https://my-github-enterprise/api/v3.
    • Private Key: If you are only monitoring pull requests on public repositories, ignore this field.
      If at least one private repository on this SCM is monitored, this field must contain a private key with a corresponding public key registered to an account that is authorized to clone the scanned repositories.
      For more information about configuring SSH keys in GitHub, refer to Connecting to GitHub with SSH.

      Note

      The private key can't have a passphrase.


    • GitHub host name: If you use github.com, use the default value (www.github.com). Otherwise, specify the host name or IP address of the installation. Omit the https:// part of the address.
    • Skip SSL Verification: When you use GitHub Enterprise configured with a self-signed certificate, attempts to connect to its API and to pull code from pull requests fail because of the untrusted certificate signer.
      Select this check box to prevent that failure.
      Leave the box unchecked when using github.com.

...