Changes for page Dependency-Track
Last modified by Milad Afshar-Jahanshahi on 2025/09/03 14:31
From version 38.2
edited by Milad Afshar-Jahanshahi
on 2025/09/03 13:09
on 2025/09/03 13:09
Change comment:
There is no comment for this version
To version 35.1
edited by Milad Afshar-Jahanshahi
on 2025/09/03 13:01
on 2025/09/03 13:01
Change comment:
There is no comment for this version
Summary
-
Page properties (1 modified, 0 added, 0 removed)
Details
- Page properties
-
- Content
-
... ... @@ -16,6 +16,8 @@ 16 16 17 17 [[Impact Analysis>>https://docs.dependencytrack.org/usage/impact-analysis/]] 18 18 19 +[[Collection-projects>>https://docs.dependencytrack.org/usage/collection-projects/]] 20 + 19 19 = Accessing Dependency-Track = 20 20 21 21 Dependency-Track is integrated into the DevOps-as-a-Service toolchain, but for now it’s only offered in the Pilotkunden Preview. To get started, a few prerequisites need to be in place. ... ... @@ -54,7 +54,6 @@ 54 54 If you are not already logged in to another tool in the toolchain or the DevOps portal, then you have to login using your configured SSO credentials. 55 55 56 56 57 -= Projects = 58 58 59 59 == Dependency-Track Jenkins Integration == 60 60 ... ... @@ -61,12 +61,11 @@ 61 61 When using sdcPipeline(), Maven projects automatically generate a Software Bill of Materials (SBOM) and are pushed to Dependency-Track. This process is fully automated through the provided pipeline library. Currently, this option is only available for Maven projects. 62 62 63 63 64 -== Collection Project == 65 +== Collection Project und Unterprojekte == 65 65 66 -In Dependency-Track, these Maven builds are organized under a **Collection Project**. Subprojects (for example, individual modules of a Maven project) are created as children of the DevOps portal project. This makes it easier to see aggregated metrics, such as vulnerabilities and license compliance, without having to open each subproject individually. 67 -For more details, see the [[Collection Projects>>https://docs.dependencytrack.org/usage/collection-projects/]] section in the Dependency-Track documentation. 67 +In Dependency-Track, these Maven builds are organized under a **Collection Project**. Subprojects (for example, individual modules of a Maven project) are created as children of the collection. This makes it easier to see aggregated metrics, such as vulnerabilities and license compliance, without having to open each subproject individually. 68 68 69 -= Users and Roles = 69 += Users, Projects and Roles = 70 70 71 71 * Projects, users and their roles in projects are managed in the DevOps Portal, the corresponding functions in Dependency-Track are disabled (UI and API) 72 72 ... ... @@ -75,11 +75,11 @@ 75 75 76 76 * When Dependency-Track is added as a tool to an existing or new project, a corresponding subwiki is automatically created. Users assigned to the project in the DevOps Portal are then added to the subwiki with the roles defined in the configuration : 77 77 ** Role mapping: ((( 78 -|=Project Role in DevOps Portal|=Permissions in Dependency-Track79 -|Admin|POLICY_VIOLATION_ANALYSIS, 80 -|Master|(% colspan="1" %) POLICY_VIOLATION_ANALYSIS,VIEW_POLICY_VIOLATION,VIEW_PORTFOLIO,VIEW_VULNERABILITY,VULNERABILITY_ANALYSIS81 -|Developer|(% colspan="1" %) POLICY_VIOLATION_ANALYSIS,VIEW_POLICY_VIOLATION,VIEW_PORTFOLIO, VIEW_VULNERABILITY, VULNERABILITY_ANALYSIS82 -|Viewer| VIEW_POLICY_VIOLATION,VIEW_PORTFOLIO,VIEW_VULNERABILITY78 +|=Project Role in DevOps Portal|=Permissions in XWiki 79 +|Admin| POLICY_VIOLATION_ANALYSIS,''VIEW_POLICY_VIOLATION,''VIEW_PORTFOLIO,'VIEW_VULNERABILITY,''VULNERABILITY_ANALYSIS' 80 +|Master|(% colspan="1" %)Can view, comment, and edit pages, but cannot delete content 81 +|Developer|(% colspan="1" %)Similar to Master 82 +|Viewer|Read-only access. Can only view content, no edits or comments allowed 83 83 84 84 A detailed description of the XWiki role model can be found [[here>>https://www.xwiki.org/xwiki/bin/view/Documentation/AdminGuide/Access%20Rights/Permission%20types/]] 85 85 )))