Bring your own license
learn how to integrate secure license tools to kyndryl modern operations – secure page displays vulnerability information for static scans and licensing compliance static scan displays vulnerabilities from sonarqube and licensing data from license finder the secure feature is only available in premium package licenses may also be submitted from other tools to secure using the apis described in subsequent sections bringing data into to bring your own deploy tools complete the following steps go to the tools configuration page and navigate to the tokens tab click on create token and give a unique token name select token type as develop, then click on the create button a new entry will be added to the table in the table entry click on the vertical ellipsis icon on the respective row and select the view/regenerate token option copy that token by clicking copy icon in the token field format step 1 token {the service token from step1} example token 74h5cr8setsjrvofkdbsisy3lsgfngu v5anur4pxu1jh8kp0nqbjhuwqsrmgztx step 2 api reference api /services/licenses?scannedby=license finder\&scannedtime=2021 06 28t12%3a07%3a29 104834%2b05%3a37 url https //{devops intelligence host}/dash/api/build/v1/services/licenses?scannedby=license finder\&scannedtime=2021 06 28t12%3a07%3a29 104834%2b05%3a37 parameters parameter type exaplanation example value scannedby query parameter tool which is used to scan the licenses of the repositories license finder scannedtime query parameter the time at which licenses are scanned and time(2006 01 02t15 04 05 999999999z07 00) should be url encoded 2021 06 28t12%3a07%3a29 104834%2b05%3a37 build body build data in json \[{ "dependency name" "github com/luzifer/go openssl/v3", "dependency version" "v3 1 0", "dependency homepage" "github com/luzifer/go openssl", "dependency install path" "/users/anilsahu/go/pkg/mod/github com/!luzifer/go openssl/v3\@v3 1 0", "dependency package manager" "go", "license name" "apache 2", "status" "allowed", "license link" "http //www apache org/licenses/license 2 0 txt", "provider href" "https //github kyndryl net/", "service name" "mcmp devops intelligence/dev secops", "serviceoverride" true }] curl example request curl location request post 'https //{devops intelligence host}/dash/api/build/v1/services/{servicename}/licenses?scannedby=license finder\&scannedtime=2021 06 28t12%3a07%3a29 104834%2b05%3a37' \\ \ header 'authorization token 74h5cr8setsjrvofkdbsisy3lsgfngu v5anur4pxu1jh8kp0nqbjhuwqsrmgztx' \\ \ header 'content type application/json' \\ \ data raw '\[{ "dependency name" "github com/luzifer/go openssl/v3", "dependency version" "v3 1 0", "dependency homepage" "github com/luzifer/go openssl", "dependency install path" "/users/anilsahu/go/pkg/mod/github com/!luzifer/go openssl/v3\@v3 1 0", "dependency package manager" "go", "license name" "apache 2", "status" "allowed", "license link" "http //www apache org/licenses/license 2 0 txt", "provider href" "https //github kyndryl net/", "service name" "mcmp devops intelligence/dev secops", "serviceoverride" true }]' response 200 "total number of records inserted successfully is 1" secure license request body explained field data type exaplanation example value dependency name string name of the package github com/luzifer/go openssl/v3 dependency version string version of the package used v3 1 0 dependency homepage string home url of the package github com/luzifer/go openssl status strin status of license allowed, denied, needapproval dependency install path string location of package installed in system /users/anilsahu/go/pkg/mod/github com/!luzifer/go openssl/v3\@v3 1 0 dependency package manager string package manager of dependency go license name string license which is used by package apache 2 license link string url of license home page http //www apache org/licenses/license 2 0 txt provider href string provider url on which license is scanned https //github kyndryl net/ details string additional details if any to be provided with the build(raw json file contents) raw json service name string servicename is a repository in on which license scan runs(repo name) mcmp devops intelligence/dev secops serviceoverride boolean override flag for the service true