Snyk Service Broker
This documentation describes the Snyk Service Broker for Pivotal Platform. The Snyk Service Broker for Pivotal Platform enables developers to scan their droplets for known vulnerabilities in open source components. In addition, the Snyk Service Broker for Pivotal Platform allows you to continuously monitor droplets for new vulnerabilities as well as preventing the deployment of vulnerable droplets.
The Snyk Service Broker for Pivotal Platform registers a service broker with Pivotal Platform and exposes its service plans on the Marketplace. Developers can then create service plan instances using Apps Manager or the Cloud Foundry Command Line Interface (cf CLI) and bind them to their apps.
Creating a Snyk Service Broker for Pivotal Platform service instance and binding it to an app will trigger Snyk to run scans on your app dependencies as part of the buildpack. Using environment variables, you can decide whether to continuously monitor your app, reject a vulnerable droplet, or patch the vulnerabilities inside your app.
Snyk Service Broker for Pivotal Platform includes the following key features:
- Scan your app dependencies for known vulnerabilities
- Continuously monitor your app dependencies for new vulnerabilities
- Reject a vulnerable droplet from being deployed
- Patch you app dependencies during buildpack phase
The following table provides version and version-support information about Snyk Service Broker for Pivotal Platform.
|Release date||June 20, 2019|
|Software component versions||Snyk service broker v1.0.3|
|Compatible Ops Manager version(s)||v2.1.x, v2.2.x, v2.3.x, v2.4.x, v2.5.x, and v2.6.x|
|Compatible Pivotal Application Service version(s)||v2.1.x, v2.2.x, v2.3.x, v2.4.x, v2.5.x, and v2.6.x|
|BOSH stemcell version||Ubuntu Xenial|
|IaaS support||AWS, Azure, GCP, OpenStack, and vSphere|
WARNING: Snyk Service Broker for Pivotal Platform v1.0.1 and earlier require a Ubuntu Trusty stemcell. The end-of-life date for Ubuntu Trusty is April 2019. If a security vulnerability is found on this stemcell after April, it will not be fixed.
Snyk Service Broker has the following requirements:
- A free or paid Snyk account. Sign up at Snyk.io.
The Snyk Service Broker for Pivotal Platform is licensed under the Apache 2 license.