Black Duck
App Vendor: Synopsys
App Category: Network Security
Connector Version: 1.1.0
API Version: 1.0.0
About App
Black Duck software composition analysis (SCA) helps teams manage the security, quality, and license compliance risks that come from the use of open-source and third-party code in applications and containers.
The Black Duck app is configured with Orchestrate to perform the following actions:
Action Name | Description |
|---|---|
Generic Action | This is a generic action to initiate a request to an endpoint. |
Get Affected Projects by Vulnerability | This action retrieves the projects affected by a vulnerability. |
Get Component Details | This action retrieves the details of a component. |
Get Component Version Details | This action retrieves the details of a component version. |
Get Component Vulnerabilities | This action retrieves the vulnerabilities related to a component. |
Get Project Components | This action retrieves the components of a project version. |
Get Project Versions | This action retrieves the versions of a project. |
List Projects | This action lists the projects. |
Search Components in Use | This action searches for components in use. |
Configuration Parameters
The following configuration parameters are required for the Blackduck app to communicate with the Blackduck enterprise application. The parameters can be configured by creating instances in the app.
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Base URL | Enter the Black Duck base URL or IP address to connect to. | Text | Required |
|
API Token | Enter the API token to connect to the Black Duck instance. | Password | Required |
|
Verify | Choose to perform or skip the SSL certificate verification. | Boolean | Optional | Default value: false Allowed values:
|
Timeout | Enter the timeout value in seconds. This is the number of seconds that requests will wait to establish a connection with the Black Duck. | Integer | Optional | Allowed range: 15-120 secs Default value: 15 secs |
Action: Generic Action
This is a generic action to initiate a request to an endpoint.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Method | Enter the HTTP method. | Text | Required |
|
Endpoint | Enter the endpoint to initiate the request. Example: "/api/vulnerabilities/{cve_id}/affected-projects" | Text | Required |
|
Query Params | Enter the query parameters to pass to the API. | Key Value | Optional |
|
Payload | Enter the payload to pass to the API. | Any | Optional |
|
Additional Fields | Enter the additional parameters to pass. For available keys refer to the document. Example: {'download':True,'custoum_output':'This is a custom output'} | Key Value | Optional | Available keys:
|
Action: Get Affected Projects by Vulnerability
This action retrieves the projects affected by a vulnerability.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
CVE ID | Enter the CVE ID to retrieve the affected projects. | Text | Required | |
Extra Params | Enter the extra parameters. Example: {"limit" : "100"} | Key Value | Optional |
Action: Get Component Details
This action retrieves the details of a component.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Component ID | Enter the component ID to retrieve the details. | Text | Required | |
Extra Params | Enter the extra parameters. Example: {"limit": "10"} | Key Value | Optional |
Action: Get Component Version Details
This action retrieves the details of a component version.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Component ID | Enter the component ID to retrieve the details. | Text | Required | |
Component Version ID | Enter the component version ID to retrieve the details. | Text | Required | |
Extra Params | Enter the extra parameters. Example: {"limit": "100"} | Key Value | Optional |
Action: Get Component Vulnerabilities
This action retrieves the vulnerabilities related to a component.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Component ID | Enter the component ID to retrieve the vulnerabilities. | Text | Required | |
Extra Params | Enter the extra parameters. Example: { "limit": "100"} | Key Value | Optional |
Action: Get Project Components
This action retrieves the components of a project version.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Project ID | Enter the project ID to retrieve the components. | Text | Required | |
Version ID | Enter the version ID to retrieve the components. | Text | Required | |
Extra Params | Enter the extra parameters. Example: { "limit":"10"} | Key Value | Optional |
Action: Get Project Versions
This action retrieves the versions of a project.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Project ID | Enter the project ID to retrieve the versions. | Text | Required | |
Extra Params | Enter the extra parameters. Example: { "limit":"10"} | Key Value | Optional |
Action: List Projects
This action lists the projects.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Query | Enter a query to list projects. Example: {"name":"application"} | Text | Optional | |
Extra Params | Enter the extra parameters. Example: {"limit": "10"} | Key Value | Optional |
Action: Search Components in Use
This action searches for components in use.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Query | Enter the query to search for components in use. Example: "componentname" | Text | Required | |
Extra Params | Enter the extra parameters. Example: {"limit":"100"} | Key Value | Optional |