ws-nexus-integration is a command line tool to scan Nexus repositories.
This tool can be deployed either on the Nexus host or on a separate machine that has access to the Nexus instance.
Supported formats: maven2, npm, pypi, rubygems, nuget, docker and raw.
- Nexus Repository Manager 3.x (any edition)
- Java VM > 8
- Docker
- Python 3.8 or above
- Install ws-nexus-integration:
pip install ws-nexus-integration - Download and edit params.config
- Execute
ws_nexus_integration <path/to/params.config>
===================================================================================================================
| Group | Parameter | Description |
===================================================================================================================
| Nexus Settings | NexusBaseUrl | Nexus instance base URL (Default: http://localhost:8081) |
-------------------------------------------------------------------------------------------------------------------
| Nexus Settings | NexusAuthToken | Nexus auth token (base64 encoded) |
-------------------------------------------------------------------------------------------------------------------
| Nexus Settings | NexusUser | Nexus username. Required if NexusAuthToken is not specified |
-------------------------------------------------------------------------------------------------------------------
| Nexus Settings | NexusPassword | Nexus password. Required if NexusAuthToken is not specified |
-------------------------------------------------------------------------------------------------------------------
| Nexus Settings | NexusRepositories | Comma-separated list of repository names to scan. |
-------------------------------------------------------------------------------------------------------------------
| General Settings | NexusExcludedRepos| Comma-separated list of repository names to excluded from scan. |
| | itories | |
-------------------------------------------------------------------------------------------------------------------
| General Settings | NexusDockerRepos | In case of docker repository , |
| | ImagesIncludes | Comma-separated regex list of images expressions to be included |
-------------------------------------------------------------------------------------------------------------------
| Nexus Settings | NexusAltDocker | Allow specifying specific registry URL (host:port) to download docker|
| | RegistryAddress | images (i.e, when registry is under NAT due to Nexus K8S deployment).|
===================================================================================================================
| Mend Settings | WSApiKey | Mend API Key, can be found under the 'Integrate' tab in your |
| | | Mend organization. |
-------------------------------------------------------------------------------------------------------------------
| Mend Settings | WSUserKey | Mend User Key, can be found under the 'user profile' tab in |
| | | your Mend organization. |
-------------------------------------------------------------------------------------------------------------------
| Mend Settings | WSProductName | The Mend product that will aggregate all scanned repositories. |
-------------------------------------------------------------------------------------------------------------------
| Mend Settings | WSCheckPolicies | Whether to enable Mend policy check for scanned repositories. |
-------------------------------------------------------------------------------------------------------------------
| Mend Settings | WSLang | (Optional) allow passing a comma seperated list of suffices of |
| | | artifacts to scan in Docker (default: empty). |
-------------------------------------------------------------------------------------------------------------------
| Mend Settings | WSUrl | Mend server URL, can be found under the 'Integrate' tab in |
| | | your Mend organization. |
===================================================================================================================
-------------------------------------------------------------------------------------------------------------------
| General Settings | ThreadCount | Multi-threading speeds up the scan preperation phase, but it depends |
| | | on your environment capabilities (default: 5). |
===================================================================================================================
=================================================================================================
| Code | Message | Description |
=================================================================================================
| 0 | SUCCESS | |
-------------------------------------------------------------------------------------------------
| 1 | FAILED | Prerequisites, configuration or general errors |
-------------------------------------------------------------------------------------------------
| -1 | ERROR | Mend scan general error |
-------------------------------------------------------------------------------------------------
| -2 | POLICY_VIOLATION | Mend policy violation |
-------------------------------------------------------------------------------------------------
| -3 | CLIENT_FAILURE | Mend scan client side error |
-------------------------------------------------------------------------------------------------
| -4 | CONNECTION_FAILURE | Mend agent failed to connect to the application server. |
-------------------------------------------------------------------------------------------------
| -5 | SERVER_FAILURE | Mend scan server side error |
=================================================================================================