Setting up SCM providers

Black Duck SCM integrations allows for direct communication with SCM providers, allowing Black Duck to automatically obtain repository and branch information when Detect scans are performed on cloned Git repositories, and populating dropdowns and search boxes in order to increase ease of use and data accuracy.

Enabling SCM integration

SCM integration utilizes a service that runs strictly within a Kubernetes environment, either native or Kubernetes in Docker (KinD). The helm charts will need to be used to install Black Duck to use this feature. This feature is not enabled by default in Black Duck and must be activated by adding the feature to your Product Registration key and then adding the following in your values.yaml file:

enableIntegration: true
Note: Black Duck does not accept self-signed certificates for SCM integrations at this time.

Creating an OAuth App

Before setting up a SCM provider in Black Duck, you must first authenticate the project.

For GitHub and GitHub Enterprise, you must create an OAuth App:

  1. Go to https://github.com/settings/developers and OAuth Apps and create a new app (or the corresponding URL for GitHub Enterprise).

  2. Fill the following fields:

    • Application Name

    • Homepage URL: The URL of your Black Duck Server

    • Application Description

    • Authorization Callback URL: <Homepage URL>/api/scm/github/callback

  3. Click Save. This will generate the Client ID to be used in Black Duck.

  4. Click Generate secret. This will generate a secret string to be used in Black Duck.

For GitLab Self-Managed:

  1. Go to <gitlab_server_name>/-/profile/applications. You should see add new application.

  2. Fill the following fields:

    • Name: provide any name.

    • Redirect URI: <bd_server_name>/api/scm/gitlab/callback
  3. Uncheck the Confidential checkbox.
  4. Enable API in the Scopes section.

For BitBucket:

  1. Go to <bitbucket_server_name>/plugins/servlet/applinks/listApplicationLinks

  2. Click Create Link.

  3. Select External application.

  4. Select Incoming in the Direction dialog box and then click OK.

  5. Fill the following fields:

    • Name: Provide a name.

    • Redirect URI: <bd_server_name>/api/scm/bitbucket/callback

  6. Check the Write checkbox under Repositories in the Application permissions section.

Setting up a GitHub.com SCM integration

To set up a GitHub.com SCM integration:

  1. Log into Black Duck as a System Administrator.

  2. Click Admin button and select Integrations.

  3. Click GitHub.com.

  4. Fill the following fields:

    • Check the Enable Server checkbox.

    • Enter the Client ID generated from the GitHub website.

    • Enter the Secret generated from the GitHub website.

  5. Click Save.

Setting up a GitHub Enterprise SCM integration

To set up a GitHub Enterprise SCM integration:

  1. Log into Black Duck as a System Administrator.

  2. Click Admin button and select Integrations.

  3. Click GitHub Enterprise.

  4. Click + Add Server.

  5. Fill the following fields:

    • Server Name: Enter a name for your server.

    • Server URL: Enter your GitHub Enterprise server URL.

    • Client ID: Enter the Client ID generated from the GitHub website.

    • Secret: Enter the Secret generated from the GitHub website.

    • Check the Enable Server checkbox.

  6. Click Create.

Setting up a GitLab Self-Managed SCM integration

To set up a GitLab Self-Managed SCM integration:

  1. Log into Black Duck as a System Administrator.

  2. Click Admin button and select Integrations.

  3. Click GitLab Self-Managed.

  4. Click + Add Server.

  5. Fill the following fields:

    • Server Name: Enter a name for your server.

    • Server URL: Enter your GitLab Self-Managed server URL.

    • Client ID: Enter the Client ID generated from the GitLab website.

    • Secret: Enter the Secret generated from the GitLab website.

    • Check the Enable Server checkbox.

  6. Click Create.

Setting up a GitLab SaaS SCM integration

To set up a GitLab SaaS SCM integration:

  1. Log into Black Duck as a System Administrator.

  2. Click Admin button and select Integrations.

  3. Click GitLab SaaS.

  4. Click + Add Server.

  5. Fill the following fields:

    • Server Name: Enter a name for your server.

    • Client ID: Enter the Client ID generated from the GitLab website.

    • Secret: Enter the Secret generated from the GitLab website.

    • Check the Enable Server checkbox.

  6. Click Create.

Setting up a Bitbucket SCM integration

To set up a Bitbucket SCM integration:

  1. Log into Black Duck as a System Administrator.

  2. Click Admin button and select Integrations.

  3. Click Bitbucket.

  4. Click + Add Server.

  5. Fill the following fields:

    • Server Name: Enter a name for your server.

    • Client ID: Enter the Client ID generated from the Bitbucket website.

    • Secret: Enter the Secret generated from the Bitbucket website.

    • Check the Enable Server checkbox.

  6. Click Create.

Setting up a Bitbucket Data Center SCM integration

To set up a Bitbucket Data Center SCM integration:

  1. Log into Black Duck as a System Administrator.

  2. Click Admin button and select Integrations.

  3. Click Bitbucket Data Center.

  4. Click + Add Server.

  5. Fill the following fields:

    • Server Name: Enter a name for your server.

    • Server URL: Enter your Bitbucket Data Center server URL.

    • Client ID: Enter the Client ID generated from the Bitbucket Data Center website.

    • Secret: Enter the Secret generated from the Bitbucket Data Center website.

    • Check the Enable Server checkbox.

  6. Click Create.