Black Duck Hub Service Broker for PCF Architecture

How it works

Black Duck Hub Service Broker

  1. The developer runs the cf push command.
  2. The meta-buildpack is invoked and claims the build.
  3. The meta-buildpack proceeds to invoke the appropriate programming language buildpack.
  4. The language buildpack detects and claims the build, and produces a droplet.
  5. Control passes back to the meta-buildpack. Decorator buildpacks invoke, including the Black Duck Hub Decorator Scan buildpack.
  6. If the app is bound to the black-duck-scan service, the droplet contents are scanned by the Black Duck Hub.
  7. Black Duck open source metadata information displays in the Black Duck Hub, such as:
    • Security
    • License
    • Operational risk
    • Policy violation status
Create a pull request or raise an issue on the source for this page in GitHub