Black Duck Hub Service Broker for PCF
WARNING: This tile requires a Trusty stemcell. The end of life date for Ubuntu Trusty is April 2019. If a security vulnerability is found on this stemcell after April, it will not be fixed.
This documentation describes the Black Duck Hub Service Broker for Pivotal Cloud Foundry (PCF). The Black Duck Hub Service Broker for PCF enables developers to secure and manage open source software in PCF apps through the Black Duck Hub console.
Black Duck is the industry leader in open source security and management. The Black Duck Hub Service Broker for PCF registers with PCF and exposes its scan service on the Marketplace. Developers can then use Apps Manager or the Cloud Foundry command line interface (cf CLI) to bind the Black Duck Hub scan service to their apps.
Creating a Black Duck Hub PCF service instance and binding it to an app enables developers to initiate an open source software scan during the cf-push process.
Using the Black Duck Hub Service Broker, you can:
- Import the Black Duck Hub Service Broker into your Marketplace
- Provide the Hub Scan Service for any PCF app.
- Bind the Black Duck Hub to any app running on PCF.
- Automate open source scanning on any PCF app.
- Provide security, license, and operation risk information on identified open source software.
- Continuously monitor the open source components in use.
The following table provides version and version support information about the Black Duck Hub Service Broker for PCF.
|Release date||April 3, 2018|
|Software component version||Hub v4.4.0 and later|
|Compatible Ops Manager versions||v1.11.x, v1.12.x, and v2.0.x|
|Compatible Pivotal Application Service version(s)||v1.11.x, v1.12.x, and v2.0.x|
|BOSH stemcell version||Ubuntu Trusty|
The Black Duck Hub Service Broker for PCF requires a licensed version of the Black Duck Hub. Contact our sales team to request a license.
The Black Duck Hub Service Broker for PCF source code is open source and is located at the Black Duck Software GitHub hub-pivotal-cf repository.
The Black Duck Hub Service Broker for PCF code is licensed under Apache 2.0.