Skip to content

Integration with Advanced Features

Introduction

This page introduces advanced features available when integrating Licensight Scan into your CI pipelines, such as GitHub Actions or GitLab CI. These features provide greater control over scan behavior, including the ability to prevent using violated packages and exclude specific directories from scans.

⚠️ Before using these features, make sure your platform-specific variables and secrets are properly configured. Setup instructions are provided in the dedicated integration pages for GitHub and GitLab.

Break the Build (-btb)

If -btb flag is set, Licensight Scan will return a non-zero exit code if the feature branch introduces any new policy violations. This flag can be used to prevent merging violated packages into the default branch.

⚠️ Important: The default branch (e.g., main) must be scanned at least once before using this feature. Refer to Scan on Default Branch.

Provide -btb flag to pipeline:

./licensight-scan generate \
    -d . \
    -a "$LICENSIGHT_APPLICATION_NAME" \
    -e $LICENSIGHT_URL \
    -at $LICENSIGHT_ACCESS_TOKEN \
    -b $CI_COMMIT_REF_NAME \
    -dpr true \
    -btb true

Gitlab pipeline fails when the feature branch introduces some new violated packages:

gitlab-btb-pineline

Github Actions fails when the feature branch introduces some new violated packages:

github-btb-fail-job

Excluding Directories from Component Scan (-del)

You can use the -del option to exclude specific folders from being scanned. This is useful when you want to skip or ignore certain directories during the scanning process.

./licensight-scan generate \
    -d . \
    -a "$LICENSIGHT_APPLICATION_NAME" \
    -e $LICENSIGHT_URL \
    -at $LICENSIGHT_ACCESS_TOKEN \
    -b $CI_COMMIT_REF_NAME \
    -dpr true \
    -del "**/service-identify/**;**/service-security/**"

Gitlab pipeline result:

gitlab-del-pipeline

Github Actions result:

github-del-action

Troubleshooting Common Issues

Issue Description Solution
Exit code 1 Policy violations found and -btb is enabled Review the scan report and fix violations
Scan result is not visible in Licensight platform
  • Incorrect application name or URL
  • Licensight does not scan on the Default branch
  • Double-check LICENSIGHT_APPLICATION_NAME and LICENSIGHT_URL
  • Ensure the Gitlab pipeline ran on Default branch
Pipeline does not fail when -btb flag is used
  • Policy violations not found
  • Default branch hasn’t been scanned
 Run a scan on the default branch first
Error: No dependencies found
  • Scan directory lacks a component management file (e.g., package.json, pom.xml)
  • -del excluded all relevant paths
  • Required build tools are missing
  • Verify scan path and refine -del
  • Python project → install python3
  • Java project → install maven
  • Go project → install golang