forked from pivotal-cf/docs-snyk
-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy pathindex.html.md.erb
97 lines (69 loc) · 4.24 KB
/
index.html.md.erb
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
---
title: Snyk for PCF (Beta)
owner: Partners
---
<p class="note warning"><strong>WARNING:</strong> Snyk for PCF tile is currently in Beta and is intended for evaluation and test purposes only. Do not use this product in a PCF production environment.</p>
This documentation describes Snyk for Pivotal Cloud Foundry (PCF). Snyk for PCF enables developers to find, fix, prevent, and continuously monitor for known vulnerabilities and license issues in their open source dependencies.
## <a id='overview'></a> Overview
Snyk for PCF is a full on-premise installation of the Snyk solution. Installing it conveniently sets up the Snyk solution
with minimal configuration and human interaction. Snyk for PCF includes access to the entire suite of Snyk solutions, including Snyk source code management (SCM) integrations with Github Enterprise, Bitbucket Server, and Gitlab; Snyk CLI; Snyk APIs; Snyk Cloud Foundry integration; Snyk Lambda integration; Snyk Jira integration, and more.
In addition, customers leveraging the Snyk Service Broker to invoke Snyk scans on `cf push` via the various buildpacks will be able to point the Service Broker to this on-premise installation instead of the default [Snyk SaaS service](https://snyk.io).
## <a id='features'></a> Key Features
Snyk for PCF includes the following key features:
* **Scan:** Scan for known vulnerabilities and license issues in open source components
* **Fix:** Automate remediation with Fix pull requests (via SCM integraiton) or with `snyk wizard` (via CLI)
* **Patch:** Fixes include upgrades and Snyk's proprietary precision patches
* **Continuous Monitoring:** Get alerted on new vulnerabilities that impact your existing dependencies
* **SCM Integration:** Quickly import all your repos from Github Enterprise, Bitbucket Server, or Gitlab
* **Reporting:** Enterprise reporting and dashboards give you the state of your security vulnerabilities and license issues in one place
* **License scanning:** Create an open source license policy to make sure your applications stay compliant
* **User Management:** SSO, hierarchies, superpowered reports, and quick filters make user management fully flexible
* **Issue Tracking:** Manage issue lifecycle with Jira integration or with custom webhooks
* **CLI:** Fully functional and completely flexible CLI allows you to embed Snyk in any use case
* **API:** Integrate Snyk scans into your CI/CD pipeline with ease. Extract all data to augment your existing dashboards
## <a id="snapshot"></a> Product Snapshot
<p class='note'><strong>Note:</strong> As of PCF v2.0, Elastic Runtime is renamed Pivotal Application Service (PAS).</p>
The following table provides version and version-support information about Snyk for PCF.
<table class="nice">
<th>Element</th>
<th>Details</th>
<tr>
<td>Tile version</td>
<td>v0.25.0</td>
</tr>
<tr>
<td>Release date</td>
<td>February 7, 2019</td>
</tr>
<tr>
<td>Software component version</td>
<td>Snyk for PCF v0.25.0</td>
</tr>
<tr>
<td>Compatible Ops Manager version(s)</td>
<td>v2.2.x, v2.3.x, and v2.4.x</td>
</tr>
<tr>
<td>Compatible Pivotal Application Service version(s)</td>
<td>v2.2.x, v2.3.x, and v2.4.x</td>
</tr>
<tr>
<td>IaaS support</td>
<td>AWS, Azure, GCP, OpenStack, and vSphere</td>
</tr>
<tr>
<td>IPsec support?</td>
<td>No</td>
</tr>
</table>
## <a id="reqs"></a> Requirements
Snyk for PCF has the following requirements:
+ A paid Snyk Enterprise account. Learn more about [Snyk plans](https://snyk.io/plans).
+ `ubuntu-xenial v97` stemcell
+ Ability to provision a VM with resource specs of at least: 8CPUs, 32 GB RAM, 70 GB disk
## <a id="limitations"></a> Limitations
None.
## <a id="feedback"></a> Feedback
If you have a feature request, questions, or information about a bug, email [Pivotal Cloud Foundry Feedback](mailto:[email protected]) list or send an email to [Snyk Support](mailto:[email protected]).
## <a id='license'></a> License
Customers interested in using Snyk for PCF can download the tile and install it with a trial license. To obtain a trial or production license and 24/7 support, contact a [Snyk sales representative](mailto:[email protected]).