Docker Inspector Properties
Configure the Docker Inspector by setting any properties described in the properties table. Typically, you set properties at the command line by adding a command-line argument such as the following:
--{property name}={property value} |
Alternative methods for setting property values
Black Duck Docker Inspector gets its property values from Spring Boot's configuration mechanism. Black Duck Docker Inspector users can leverage Spring Boot capabilities beyond command-line arguments and environment variables, for example, the hierarchy of property files and placeholders, to manage properties in more sophisticated ways.
Passing sensitive property values
For greater security, set sensitive property values such as passwords through the environment variables using the Spring Boot configuration mechanisms previously mentioned.
For example, instead of passing --blackduck.password=mypassword on the command line, you can do the following:
export BLACKDUCK_PASSWORD=mypassword
./blackduck-docker-inspector.sh --blackduck.url=http://blackduck.mydomain.com:8080/ --blackduck.username=myusername --docker.image=ubuntu:latest |
Refer to Spring Boot's configuration mechanism for more information.
Docker Inspector properties
The following table shows a list of available properties.
Property name | Type | Description | Default value | Deprecation status | Deprecation message |
|---|---|---|---|---|---|
bdio.include.removed.components | Boolean | In generated BDIO, include removed components? If false, only components present in the final container filesystem (those present after the final layer is applied) are included in the output. If true, a component any layer adds is included in the output even if later a higher layer removes it. | false |
|
|
bdio.organize.components.by.layer | Boolean | In generated BDIO, organize components by layer? | false |
|
|
blackduck.always.trust.cert | Boolean | Black Duck Always Trust Cert? | false | Deprecated | Support for running Docker Inspector as a standalone utility is being dropped. Transition to running Docker Inspector from Detect. |
blackduck.api.token | String | Black Duck token | Deprecated | Support for running Docker Inspector as a standalone utility is being dropped. Transition to running Docker Inspector from Detect. | |
blackduck.codelocation.name | String | Black Duck CodeLocation name | Deprecated | Support for running Docker Inspector as a standalone utility is being dropped. Transition to running Docker Inspector from Detect. | |
blackduck.codelocation.prefix | String | Black Duck CodeLocation prefix | Deprecated | Support for running Docker Inspector as a standalone utility is being dropped. Transition to running Docker Inspector from Detect. | |
blackduck.password | String | Black Duck Password | Deprecated | Support for running Docker Inspector as a standalone utility is being dropped. Transition to running Docker Inspector from Detect. | |
blackduck.project.name | String | Black Duck Project Name | Deprecated | Support for running Docker Inspector as a standalone utility is being dropped. Transition to running Docker Inspector from Detect. | |
blackduck.project.version | String | Black Duck Project Version | Deprecated | Support for running Docker Inspector as a standalone utility is being dropped. Transition to running Docker Inspector from Detect. | |
blackduck.proxy.host | String | Black Duck Proxy Host | Deprecated | Support for running Docker Inspector as a standalone utility is being dropped. Transition to running Docker Inspector from Detect. | |
blackduck.proxy.password | String | Black Duck Proxy Password | Deprecated | Support for running Docker Inspector as a standalone utility is being dropped. Transition to running Docker Inspector from Detect. | |
blackduck.proxy.port | String | Black Duck Proxy Port | Deprecated | Support for running Docker Inspector as a standalone utility is being dropped. Transition to running Docker Inspector from Detect. | |
blackduck.proxy.username | String | Black Duck Proxy Username | Deprecated | Support for running Docker Inspector as a standalone utility is being dropped. Transition to running Docker Inspector from Detect. | |
blackduck.timeout | Integer | Black Duck Timeout in seconds | 120 | Deprecated | Support for running Docker Inspector as a standalone utility is being dropped. Transition to running Docker Inspector from Detect. |
blackduck.url | String | Black Duck URL | Deprecated | Support for running Docker Inspector as a standalone utility is being dropped. Transition to running Docker Inspector from Detect. | |
blackduck.username | String | Black Duck Username | Deprecated | Support for running Docker Inspector as a standalone utility is being dropped. Transition to running Docker Inspector from Detect. | |
cleanup.inspector.container | Boolean | Stop inspector container after using it? | true |
|
|
cleanup.inspector.image | Boolean | Remove inspector image after using it? | false |
|
|
cleanup.target.image | Boolean | Remove target image after saving it? | false |
|
|
cleanup.working.dir | Boolean | Cleanup Working Dir? | true |
|
|
command.timeout | Long | Command Timeout (Milliseconds) | 120000 |
|
|
docker.image | String | Docker Image name:tag |
|
| |
docker.image.id | String | The ID (shown in the 'IMAGE ID' column of 'docker images' output) of the target Docker image. The target image must already appear in the local output of 'docker images'. |
|
| |
docker.image.platform
| String | The platform (shown as 'platform' field in 'docker manifest inspect {image}' output) of the target image should pull. When using this property, you must also provide the target image (via Note: when you provide a platform, you can provide either the target operating system (os), the target architecture, or os/architecture. Example To specify the arm platform for Docker Inspector to run on: |
|
|
|
docker.image.repo | String | Docker Image Repo; Use with |
|
| |
docker.image.tag | String | Docker Image Tag; Use with |
|
| |
docker.platform.top.layer.id | String | To ignore components from platform layers: specify the ID (from docker inspect: last of |
|
| |
docker.tar | String | Docker or OCI image tarfile path |
|
| |
help.output.path | String | The path to where help output is written in markdown format. If not set, help is written to stdout. If set, the directory must exist; the file is be created if it does not exist. If the path to a directory is provided, Docker Inspector generates the filename automatically. |
|
| |
imageinspector.service.distro.default | String | Default image inspector Linux distro (alpine, centos, or ubuntu) | ubuntu |
|
|
imageinspector.service.log.length | Integer | The number of lines of the image inspector service log to include in the Docker Inspector log when the log level is DEBUG or higher. | 10000 |
|
|
imageinspector.service.port.alpine | String | Alpine image inspector host port | 9000 |
|
|
imageinspector.service.port.centos | String | Centos image inspector host port | 9001 |
|
|
imageinspector.service.port.ubuntu | String | Ubuntu image inspector host port | 9002 |
|
|
imageinspector.service.start | Boolean | Start ImageInspector services (containers) as needed? | true |
|
|
imageinspector.service.url | String | The URL of the (already running) imageinspector service to use |
|
| |
jar.path | String | Black Duck Docker Inspector .jar file path |
|
| |
linux.distro | String | Target image Linux distribution name. Use this if you need to override the Linux distribution name discovered by Docker Inspector. |
|
| |
logging.level.com.synopsys | String | Logging Level (WARN, INFO, DEBUG, TRACE) | INFO |
|
|
offline.mode | Boolean | Make no attempts to access network-based resources (the Black Duck server, docker repository) | false |
|
|
output.containerfilesystem.excluded.paths | String | Comma-separated list of directories/files/links (specified as absolute paths) to exclude from the container filesystem |
|
| |
output.include.containerfilesystem | Boolean | Include container filesystem (a large file) in output? | false |
|
|
output.include.squashedimage | Boolean | Include container filesystem (a large file) in output? | false |
|
|
output.path | String | Path for output files |
|
| |
service.timeout | Long | HTTP Service Request Timeout (Milliseconds) | 600000 |
|
|
shared.dir.path.local | String | The host's path to the dir shared with the imageinspector containers. Only needed if using existing imageinspector containers. If not set, |
|
| |
system.properties.path | String | Path to a properties file containing additional system properties (an alternative to java -D) |
|
| |
upload.bdio | Boolean | Upload BDIO? | true |
|
|
use.platform.default.docker.host | Boolean | Use platform's default DOCKER_HOST value? Set to false if you want to override DOCKER_HOST | true |
|
|
working.dir.path | String | Working Directory Path. If not set, a default of |
|
|
|
©2023 Synopsys, Inc. All Rights Reserved