Public Repository

Last pushed: 4 months ago
Short Description
The Black Duck Hub software image contains full server functionality.
Full Description

Introduction

This image contains fully functioning Black Duck Hub server software.

Use this image to scan any file system to see if it contains vulnerabilities, the open source licenses used, and the operational risks.

Get your license here

Getting Started

Make sure that at a minimum port 8080 is not blocked.

Interactive Mode
$ docker run -ti -h $(hostname) --name=hub \
  -p 4181 -p 8080:8080 -p 7081:7081 -p 55436 -p 8009 -p 8993 -p 8909 \
  -v hub_db_data:/var/lib/blckdck/hub:rw \
  -v hub_lic_data:/opt/blackduck/hub/config:rw \
  blackducksoftware/hub
Detached Mode
$ docker run -d -h $(hostname) --name=hub -p 4181 \
  -p 8080:8080 -p 7081:7081 -p 55436 -p 8009 -p 8993 -p 8909 \
  -v hub_db_data:/var/lib/blckdck/hub:rw \
  -v hub_lic_data:/opt/blackduck/hub/config:rw \
  blackducksoftware/hub
Using Volume Containers

You can also use a volume container to manage your Hub Data volumes:

$ docker run \
  -v /var/lib/blckdck/hub  \
  -v /opt/blackduck/hub/config \
  --name hub_data \
  blackducksoftware/hub true;
$ docker run -h $(hostname) --name=hub \
  -p 4181 -p 8080:8080 -p 7081:7081 -p 55436 -p 8009 -p 8993 -p 8909 \
  --volumes-from hub_data \
  blackducksoftware/hub

Notes

  • Once started you can connect with your browser on port 8080.
  • The Hub will request a key; enter the key you received from Black Duck Software.
  • It is only recommended to use Data Volume Containers or Named Volumes for the Hub Database and Licensing volumes (those specified above). This is due to how Docker permissions these folders inside the container, versus on the host system. If you were to start this container with host-directory volumes, you would not be able to start the Hub, as it would not have the correct write permissions on the volumes. Please only use Data Volume Containers and Named Volumes, as you will have the correct write access for the Hub.

Upgrading

To upgrade from a previous version of the Hub, follow these steps to retain your data (assuming you used volumes for your existing container):

$ docker exec -i hub /opt/blackduck/hub/appmgr/bin/hubcontrol.sh stop
$ docker stop hub
$ docker rm hub
$ docker run -d -h $(hostname) --name=hub \
  -p 4181 -p 8080:8080 -p 7081:7081 -p 55436 -p 8009 -p 8993 -p 8909 \
  -v hub_db_data:/var/lib/blckdck/hub:rw \
  -v hub_lic_data:/opt/blackduck/hub/config:rw \
  blackducksoftware/hub

Once the docker container starts and the Hub is started up correctly, navigate to http://${hostname}:7081/console, and use the Glu console to redeploy the AppMgr agent (takes about 15 minutes). This will ensure your data is migrated to the new version.

Configuring for HTTPS

You can also configure the Hub to use HTTPS protocols. This is done after starting up the Hub container, as it requires configuration of the Hub properties. You will need your PKCS12 keystore file (only PKCS12 is supported currently), as well as the password for that keystore file.

Copy the keystore file into the volume that is mapped to /opt/blackduck/hub/config. This volume is typically located in the /var/lib/docker/volumes/hub_lic_data/_data folder (though the path may vary based on your naming and/or using the volumes-from method, above).

Then, inside your docker container:

$ docker exec -it hub bash;
$ /opt/blackduck/hub/appmgr/bin/changeHubHttpSettings.sh

You will be presented with a series of prompts, fill them out accordingly:

===============================================================================
Change Hub HTTP/HTTPS parameters
--------------------------------

These questions will guide you through the process of updating your HTTP/HTTPS settings.



===============================================================================
Hub Tomcat Server Definitions
-----------------------------


Use HTTPS Connection?  [y, n] y
Port (DEFAULT: 8080) 8080
Probing port 8080
Localhost resolved to localhost/127.0.0.1
Port 8080 was available
Shutdown Port (DEFAULT: 8009) 
Redirect Port 443 to 8443?  [y, n] n
Absolute path to Keystore File: /opt/blackduck/hub/config/<name of pkcs12 file>
Keystore Password: 
Please re-enter the password: 
Searching for valid IPv4 network addresses...
Found IPv4 Address: 10.1.0.167
Found 1 IPv4 network addresses.

Stop the system to prepare for the changes

sending stop request to AppMgrAgent 
Create Plan SUCCESS! HTTP/1.1 201 Created

You can now access the Hub through HTTPS protocols through port 8080 on your Docker host.

Configuring for Unlimited Encryption Jars

It is possible to use the Hub with the "unlimited encryption" JARs provided by Java. These are set up so that a host-directory volume can be used in this one instance to use these JARs instead of the standard ones provided by Java and the Hub.

To do this, unzip the "unlimited encryption" binaries to a known directory on the host machine. Note the location of these jars (there should be two: local_policy.jar and US_export_policy.jar).

When starting the Hub, provide a host-directory volume definition with this location above, mapping it to the /var/lib/blckdck/jre/lib/security folder. This folder only contains these two JAR files (the standard editions provided by Java), which will be overrode with the new ones you are providing on the host system.

For example:

$ docker run -d -h $(hostname) --name=hub \
  -p 4181 -p 8080:8080 -p 7081:7081 -p 55436 -p 8009 -p 8993 -p 8909 \
  -v hub_db_data:/var/lib/blckdck/hub:rw \
  -v hub_lic_data:/opt/blackduck/hub/config:rw \
  -v $(pwd)/java/lib/security:/var/lib/blckdck/jre/lib/security:ro \
  blackducksoftware/hub

Do note, that this is a host-directory volume mount, while the other two types are data-containers or named data volumes. This is an exception to the above strategy, as this allows the JAR files to be overrode on the container, with those present on the host system.

Docker Pull Command
Owner
blackducksoftware

Comments (2)
vacantsouls
2 months ago

There's no "latest" tag. Download with the specific version seems to work.

docker run -d -h $(hostname) --name=hub -p 4181 \
-p 8080:8080 -p 7081:7081 -p 55436 -p 8009 -p 8993 -p 8909 \
-v hub_db_data:/var/lib/blckdck/hub:rw \
-v hub_lic_data:/opt/blackduck/hub/config:rw \
blackducksoftware/hub:3.6.2

jenya4u
3 months ago

It's seems that there is an issue with this image.
For some reason I can't download it:

user@virtdebian:~$ docker pull blackducksoftware/hub
Using default tag: latest
Error response from daemon: manifest for blackducksoftware/hub:latest not found