Black Duck AWS CodeStar

AWS CodeStar introduction

AWS CodeStar helps organizations develop, build, and deploy applications on Amazon Web Services (AWS). CodeStar makes it easy to set up continuous delivery toolchains and provides a unified user interface. 
This enables management of all software development activities in a single location.

CodeStar integrates with AWS developer tools like Cloud9, CodeCommit, CodeBuild, and CodePipeline.  CodeStar can also be integrated with other tools like Jenkins to help build delivery toolchains.

Integrating with Black Duck

The Black Duck scan client, which is provided through Synopsys Detect, is invoked from various AWS Developer Tools accessible in CodeStar.
This allows Black Duck to detect security, licensing, and operational risk at several points in an AWS CodeStar workflow.

There are two ways you can integrate Black Duck functionality into the AWS CodeStar workflow:

  • Integrating Synopsys Detect into the CodeStar build process.
  • Viewing Black Duck events in the CodeStar dashboard through JIRA.

Synopsys Detect

Synopsys Detect integrates software composition analysis into your CodeStar workflow.
It is invoked as part of either a CodeBuild or a CodePipeline workflow in CodeStar.

Black Duck events in the CodeStar dashboard through JIRA

AWS CodeStar provides a dashboard that displays events. AWS enables the importation of events from selected JIRA projects into the CodeStar dashboard.
By leveraging the Black Duck JIRA plugin, events from a Black Duck scan can trigger the creation of JIRA tickets, which are used to track their resolution.
CodeStar displays the tickets on the project dashboard through the JIRA tile.

Using Black Duck with CodeStar

The following section describes integrating Black Duck with CodeStar.

Synopsys Detect invocation

Before you configure CodeStar to invoke Synopsys Detect, you must decide whether to invoke Detect from CodeBuild or CodePipeline.
If you use CodeStar/CodeBuild for multiple projects, Black Duck recommends using a CodePipeline custom action to avoid having to edit every buildspec.yml file.

Click CodeBuild or CodePipeline to learn about integrations with Black Duck.
Instructions are provided for integrating by using the AWS Console UI, the AWS CLI, and Jenkins.

  1. Create a Project in AWS CodeStar by following the instructions on the AWS CodeStar Getting Started page.  
    Note: Steps four and higher show more of CodeStar’s capabilities that are not required here.
  2. Integrate:
    1. If you’re using CodeBuild as your primary build tool, follow the instructions on the Black Duck AWS Integrations for CodeBuild page.
      Note: These methods require that you edit the buildspec.yml file for each project.
    2. To call a Black Duck scan from CodePipeline, either because you are using a build tool other than CodeBuild or because you are scanning multiple projects, follow the instructions to create a CodePipeline custom action.
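
A buildspec.yml for the CodeBuild route, as an added example that is not from the original page or from Black Duck's own integration instructions. The server URL, Parameter Store path, and project name are constructed placeholders; the API token is read from Parameter Store so it stays out of the repository and off the Detect command line.

```yaml
version: 0.2

env:
  variables:
    # Constructed placeholder: replace with your Black Duck server URL.
    BLACKDUCK_URL: "https://blackduck.example.com"
    # Constructed placeholder: project name shown in Black Duck.
    BD_PROJECT_NAME: "my-codestar-project"
  parameter-store:
    # Assumed parameter path. Store the token as a SecureString and grant
    # the CodeBuild service role ssm:GetParameters on this path only.
    BLACKDUCK_API_TOKEN: "/codestar/blackduck/api-token"

phases:
  build:
    commands:
      # Placeholder for the project's normal build step.
      - echo "build the project here"
      # Fetch the Detect launcher to a file; -f makes a failed download
      # fail the build instead of executing an error page.
      - curl -sSfL -o detect.sh https://detect.synopsys.com/detect.sh
      # Detect reads BLACKDUCK_URL and BLACKDUCK_API_TOKEN from the
      # environment, so the token never appears in the process arguments.
      - >-
        bash detect.sh
        --detect.project.name="$BD_PROJECT_NAME"
        --detect.project.version.name="$CODEBUILD_RESOLVED_SOURCE_VERSION"
        --detect.source.path="$CODEBUILD_SRC_DIR"
        --detect.policy.check.fail.on.severities=BLOCKER,CRITICAL
```

With the policy check property set, Detect exits non-zero on a matching policy violation, which fails the CodeBuild build phase.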

Black Duck events in CodeStar Dashboard

View Black Duck events in the CodeStar dashboard by leveraging the Black Duck JIRA integration.

  1. From the AWS CodeStar Project Dashboard, scroll to the bottom of the screen and click Connect.
  2. Enter the JIRA URL, and click Connect.
  3. Create an application link in JIRA:
    1. JIRA Administration > Applications > Application Links.
    2. Create an application link, paste the URL from CodeStar, and ignore any warnings.
    3. Copy the application name and type from CodeStar, and check the Incoming link option.
    4. Copy the consumer name and key, and the public key from CodeStar.
    5. Click Continue.
    6. Log in to JIRA and click Allow.
  4. Follow the instructions on the Black Duck JIRA Plugin page to configure the Black Duck and JIRA integration.

Notifications from JIRA that are relevant to the project are displayed in CodeStar.







©2020 Synopsys, Inc. All Rights Reserved