Appendix 2. Examples of running on-boarding scripts

• Code base scan scan_codebase.py
• Artifact scan by URL (scan_artifact.py)
  • File storage (Login/Password)
  • File storage (Anonymous)
    • type: maven (with classifier)
    • type: yum_1
    • type: docker - first way
    • type: docker - second way
    • type: npm_1
  • Scanning an artifact identified in Maverix by parameters (e.g. group, artifact ID, and version for Maven artifacts)
    • type: file-storage
    • type: maven
    • type: docker
    • type: yum_1
    • type: yum. Placeholders: ${artifactVersion} and ${artifactBuild}
    • type: raw_1
    • type: npm_1
• Importing results (import_results.py)
  • Importing results from Checkmarx
  • Importing results from Nexus IQ (artifact)
  • Importing results from Nexus IQ (code base)