Cloud Services

DevOps Intelligence

Expand menu Collapse menu

Bring Your Own License

Published On Nov 05, 2024 - 1:34 PM

Bring Your Own License

Learn how to integrate secure license tools to Kyndryl Modern Operations – DevOps Intelligence

DevOps Intelligence Secure Page displays vulnerability information for static scans and licensing compliance. Static scan displays vulnerabilities from SonarQube and licensing data from license finder. The secure feature is only available in DevOps Intelligence's premium package. Licenses may also be submitted from other tools to DevOps Intelligence Secure using the APIs sescribed in subsequent sections.

Bring Data into DevOps Intelligence

To bring your own Deploy tools complete the following steps:

Go to the DevOps Intelligence Tools Configuration page and navigate to the Tokens tab.

Click on Create Token and give a unique Token name.

Select Token Type as Develop, then click on the Create button.

A new entry will be added to the table. In the table entry.

Click on the vertical ellipsis icon on the respective row and select the view/regenerate token option.

Copy that token by clicking copy icon in the token field.

Format

Step 1: TOKEN {the-service-token-from-step1}

Example :

TOKEN 74h5cR8sETSJRvOFkdbsISY3lsgfNGu_V5aNur4Pxu1Jh8kP0NQBJhuWQsRmGzTX

Step 2: API Reference

API : /services/licenses?scannedBy=license_finder&scannedTime=2021-06-28T12%3A07%3A29.104834%2B05%3A37

URL: https://{devops-intelligence-host}/dash/api/build/v1/services/licenses?scannedBy=license_finder&scannedTime=2021-06-28T12%3A07%3A29.104834%2B05%3A37

Parameters

Parameter	Type	Exaplanation	Example Value
scannedBy*	Query Parameter	Tool which is used to scan the Licenses of the repositories	license_finder
scannedTime*	Query Parameter	The time at which Licenses are scanned and time(2006-01-02T15:04:05.999999999Z07:00) should be URL encoded	2021-06-28T12%3A07%3A29.104834%2B05%3A37
build *	BODY	Build Data in Json	[{ "dependency_name": "github.com/Luzifer/go-openssl/v3", "dependency_version": "v3.1.0", "dependency_homepage": "github.com/Luzifer/go-openssl", "dependency_install_path": "/Users/anilsahu/go/pkg/mod/github.com/!luzifer/go-openssl/[email protected]", "dependency_package_manager": "Go", "license_name": "Apache 2", "status": "Allowed", "license_link": "http://www.apache.org/licenses/LICENSE-2.0.txt", "provider_href": "https://github.kyndryl.net/", "service_name": "MCMP-DevOps-Intelligence/dev_secops", "serviceoverride": true }]

cURL Example:

Request


curl --location --request POST 'https://{devops-intelligence-host}/dash/api/build/v1/services/{serviceName}/licenses?scannedBy=license_finder&scannedTime=2021-06-28T12%3A07%3A29.104834%2B05%3A37' \
--header 'Authorization: TOKEN 74h5cR8sETSJRvOFkdbsISY3lsgfNGu_V5aNur4Pxu1Jh8kP0NQBJhuWQsRmGzTX' \
--header 'Content-Type: application/json' \
--data-raw '[{
    "dependency_name": "github.com/Luzifer/go-openssl/v3",
    "dependency_version": "v3.1.0",
    "dependency_homepage": "github.com/Luzifer/go-openssl",
    "dependency_install_path": "/Users/anilsahu/go/pkg/mod/github.com/!luzifer/go-openssl/[email protected]",
    "dependency_package_manager": "Go",
    "license_name": "Apache 2",
    "status": "Allowed",
    "license_link": "http://www.apache.org/licenses/LICENSE-2.0.txt",
    "provider_href": "https://github.kyndryl.net/",
    "service_name": "MCMP-DevOps-Intelligence/dev_secops",
    "serviceoverride": true
  }]'

Response 200

"Total Number of records inserted successfully is 1"

Secure-License Request Body Explained

Field	Data Type	Exaplanation	Example Value
dependency_name	string	Name of the package	github.com/Luzifer/go-openssl/v3
dependency_version	string	Version of the package used	v3.1.0
dependency_homepage	string	Home URL of the package	github.com/Luzifer/go-openssl
status	strin	Status of license	Allowed, Denied, NeedApproval
dependency_install_path	string	Location of package installed in system	/Users/anilsahu/go/pkg/mod/github.com/!luzifer/go-openssl/[email protected]
dependency_package_manager	string	Package manager of dependency	Go
license_name	string	License which is used by package	Apache 2
license_link	string	URL of license home page	http://www.apache.org/licenses/LICENSE-2.0.txt
provider_href	string	Provider URL on which license is scanned	https://github.kyndryl.net/
details	string	Additional details if any to be provided with the build(raw json file contents)	Raw JSON
service_name*	string	serviceName is a repository in DevOps intelligence on which License scan runs(repo name)	MCMP-DevOps-Intelligence/dev_secops
serviceoverride	boolean	Override flag for the service	true

Bring Your Own Tools

Do you have two minutes for a quick survey?

Take Survey