Install DependencyTrack⚓︎

This documentation guide provides comprehensive instructions for installing and integrating DependencyTrack with the EPAM Delivery Platform.

Prerequisites⚓︎

• Kubectl version 1.26.0 is installed.
• Helm version 3.12.0+ is installed.

Installation⚓︎

To install DependencyTrack use EDP addons approach.

Configuration⚓︎

1. Open Administration -> Access Management -> Teams. Click Create Team -> Automation and click Create.

2. Click + in Permissions and add:

   BOM_UPLOAD
   PROJECT_CREATION_UPLOAD
   VIEW_PORTFOLIO
   

3. Click + in API keys to create token:

1. Provision secrets using manifest, EDP Portal, or with the externalSecrets operator:

manifestEDP Portal UIExternal Secrets Operator

apiVersion: v1
kind: Secret
metadata:
  name: ci-dependency-track
  namespace: <edp>
  labels:
    app.edp.epam.com/secret-type: dependency-track
    app.edp.epam.com/integration-secret: "true"
stringData:
  token: <dependency-track-token>
  url: <dependency-track-api-url>
type: Opaque

Go to the EDP Portal UI open EDP -> Configuration -> DependencyTrack apply Token and URL click the save button.

Store DependencyTrack URL and Token in the AWS Parameter Store with the following format:

"ci-dependency-track":
{
  "token": "XXXXXXXXXXXX",
  "url": "https://dependency-track.example.com"
}

Go to the EDP Platform UI open EDP -> Configuration -> DependencyTrack see the Managed by External Secret.

More detail on External Secrets Operator Integration can be found on the following page

After following the instructions provided, you should be able to integrate your DependencyTrack with the EPAM Delivery Platform.

Related Articles⚓︎

• Install External Secrets Operator
• External Secrets Operator Integration
• Cluster Add-Ons Overview