...
This document describes the product scanning scenario. It is not expected that endusers end-users would be required to set up their project in Mend themselves. The work described here is part of the GEANT Mend setup - assistance service. This information is published to provide a deeper understanding of the workflows and functioning of Mend and capture its key elements.
...
The Unified Agent is a Java command-line tool that scans directories' open source components for vulnerable libraries and license complications , and displays the results in the Mend web application. The Unified Agent works the following way: directories are scanned to identify the open-source components, whereupon the Unified Agent checks each new component against organizational policies (note that no source code is scanned - only descriptive information is sent to Mend).
...
- apiKey - unique identifier of the organization. It can be retrieved from the 'Integrate' page in your Mend account
- userKey - unique identifier of the user, and it is optional. It can be generated from the 'Profile' page in your Mend account. With the user key key, Mend recognize who runs the scan.
- wss.url - enable the relevant URL according to your organization's Mend Server URL from your Profile page on the Server URLs panel (additionally, it can be found in the Integrate tab). Then, add the agent path. in the config file. There are three versions of
wss.url:#wss.url=https://saas.whitesourcesoftware.com/agent#wss.url=https://app.whitesourcesoftware.com/agentwss.url=https://app-eu.whitesourcesoftware.com/agent (our Mend run under this url)
- productToken - identifies the product to be scanscanned. First, you need to create a new product.
To create a new product do the following:From the menu bar, select Products > New Product. The Create New Product screen is displayed.
Enter the product name, and click Create.
...