Cloud Services

DevOps Intelligence

Bring Your Own License
Published On Jun 05, 2024 - 11:21 AM

Bring Your Own License

Learn how to integrate secure license tools to Kyndryl Modern Operations – DevOps Intelligence
DevOps Intelligence Secure Page displays vulnerability information for static scans and licensing compliance. Static scan displays vulnerabilities from SonarQube and licensing data from license finder. The secure feature is only available in DevOps Intelligence's premium package. Licenses may also be submitted from other tools to DevOps Intelligence Secure using the APIs sescribed in subsequent sections.

Bring Data into DevOps Intelligence

To bring your own Deploy tools complete the following steps:
  1. Go to the DevOps Intelligence Tools Configuration page and navigate to the Tokens tab.
  2. Click on Create Token and give a unique Token name.
  3. Select Token Type as Develop, then click on the Create button.
  4. A new entry will be added to the table. In the table entry.
  5. Click on the vertical ellipsis icon on the respective row and select the view/regenerate token option.
  6. Copy that token by clicking copy icon in the token field.

Format

Step 1: TOKEN {the-service-token-from-step1}
Example :
TOKEN 74h5cR8sETSJRvOFkdbsISY3lsgfNGu_V5aNur4Pxu1Jh8kP0NQBJhuWQsRmGzTX
Step 2:  API Reference
API : /services/licenses?scannedBy=license_finder&scannedTime=2021-06-28T12%3A07%3A29.104834%2B05%3A37
URL: https://{devops-intelligence-host}/dash/api/build/v1/services/licenses?scannedBy=license_finder&scannedTime=2021-06-28T12%3A07%3A29.104834%2B05%3A37
Parameters
Parameter
Type
Exaplanation
Example Value
scannedBy*
Query Parameter
Tool which is used to scan the Licenses of the repositories
license_finder
scannedTime*
Query Parameter
The time at which Licenses are scanned and time(2006-01-02T15:04:05.999999999Z07:00) should be URL encoded
2021-06-28T12%3A07%3A29.104834%2B05%3A37
build *
BODY
Build Data in Json
[{ "dependency_name": "github.com/Luzifer/go-openssl/v3", "dependency_version": "v3.1.0", "dependency_homepage": "github.com/Luzifer/go-openssl", "dependency_install_path": "/Users/anilsahu/go/pkg/mod/github.com/!luzifer/go-openssl/[email protected]", "dependency_package_manager": "Go", "license_name": "Apache 2", "status": "Allowed", "license_link": "http://www.apache.org/licenses/LICENSE-2.0.txt", "provider_href": "https://github.kyndryl.net/", "service_name": "MCMP-DevOps-Intelligence/dev_secops", "serviceoverride": true }]

cURL Example:

Request
curl --location --request POST 'https://{devops-intelligence-host}/dash/api/build/v1/services/{serviceName}/licenses?scannedBy=license_finder&scannedTime=2021-06-28T12%3A07%3A29.104834%2B05%3A37' \ --header 'Authorization: TOKEN 74h5cR8sETSJRvOFkdbsISY3lsgfNGu_V5aNur4Pxu1Jh8kP0NQBJhuWQsRmGzTX' \ --header 'Content-Type: application/json' \ --data-raw '[{ "dependency_name": "github.com/Luzifer/go-openssl/v3", "dependency_version": "v3.1.0", "dependency_homepage": "github.com/Luzifer/go-openssl", "dependency_install_path": "/Users/anilsahu/go/pkg/mod/github.com/!luzifer/go-openssl/[email protected]", "dependency_package_manager": "Go", "license_name": "Apache 2", "status": "Allowed", "license_link": "http://www.apache.org/licenses/LICENSE-2.0.txt", "provider_href": "https://github.kyndryl.net/", "service_name": "MCMP-DevOps-Intelligence/dev_secops", "serviceoverride": true }]'
Response 200
"Total Number of records inserted successfully is 1"

Secure-License Request Body Explained

Field
Data Type
Exaplanation
Example Value
dependency_name
string
Name of the package
github.com/Luzifer/go-openssl/v3
dependency_version
string
Version of the package used
v3.1.0
dependency_homepage
string
Home URL of the package
github.com/Luzifer/go-openssl
status
strin
Status of license
Allowed, Denied, NeedApproval
dependency_install_path
string
Location of package installed in system
/Users/anilsahu/go/pkg/mod/github.com/!luzifer/go-openssl/[email protected]
dependency_package_manager
string
Package manager of dependency
Go
license_name
string
License which is used by package
Apache 2
license_link
string
URL of license home page
http://www.apache.org/licenses/LICENSE-2.0.txt
provider_href
string
Provider URL on which license is scanned
https://github.kyndryl.net/
details
string
Additional details if any to be provided with the build(raw json file contents)
Raw JSON
service_name*
string
serviceName is a repository in DevOps intelligence on which License scan runs(repo name)
MCMP-DevOps-Intelligence/dev_secops
serviceoverride
boolean
Override flag for the service
true
Do you have two minutes for a quick survey?
Take Survey