Creating Inventory from the Project Inventory Tab
Reviewers can create an inventory item to represent any third-party code or artifact that is not automatically detected by the system.
Use the following steps to create an inventory item from the Project Inventory tab as needed. Note the following:
|
•
|
When you save the inventory item, it is automatically published. |
|
•
|
No files can be associated with an inventory item when it is created from the Project Inventory tab. |
|
•
|
If you register a new component instance (a unique component-version-license combination) when creating inventory, the registered instance becomes available for selection across the system. |
|
•
|
Inventory of type Work in Progress, Component, or License Only can be created. |
To create an inventory item from the Project Inventory tab, do the following:
|
2.
|
Click Add Item at the top of the Inventory Items list. |
The New Inventory dialog opens.
|
3.
|
For the Name field, perform the appropriate step, based on the inventory type you intend to select for the Type field (see the next step): |
|
•
|
For inventory of the type Work in Progress, specify a name for the inventory item. Best practice is to provide a name in the following conventional syntax used by Code Insight, even if the elements represented in the name are not available in the Data Library: |
<COMPONENT_NAME> <VERSION> (LICENSE_NAME)
|
•
|
For inventory of the type Component or License only, leave the Name field blank. The field will be automatically populated based on the registered component or license instance. |
|
4.
|
From the Type dropdown list, select the type of inventory item you want to create and then perform the related step or steps: |
|
•
|
Work in Progress—Create this type of inventory item if you want to quickly represent third-party code or an artifact without having to select an associated component, version, or license from the Data Library. (You can later edit this inventory item to convert it to one of the other inventory types.) This option is typically used if you need a placeholder or cannot find the associated element in the Data Library. Items of type Work in Progress are not affected by policies and do not receive vulnerability updates or alerts. |
|
•
|
Component—Create this type of inventory item if you know the component, version, and license for the third-party code or artifact and you either are able to locate it in the Code Insight Data Library using the Component Lookup feature or you need to create it as a custom component because it is not in the library. This type of inventory is associated with a registered component instance—that is, a unique component-version-license combination—and is affected by policies and receives vulnerability updates and alerts. |
The Component Lookup feature, made available when you select the Component type, enables you to associate the inventory item with an existing registered component instance (or a new instance that you create). Alternatively, you can create the custom component and instance to associate with the item (see Creating a Custom Component).
The following are basic steps for using Component Lookup. For more details, see Searching Components.
|
a.
|
Click the Lookup Component button to locate the component of interest (as described in the next steps) or to create a custom component and instance to associate with the inventory item (see Creating and Editing Custom Components for continued steps). |
|
b.
|
In the list of results, navigate to the appropriate component, and click Show Versions to display the list of registered instances (version-and-license combinations) for that component. |
|
c.
|
Click Use This Instance next to an existing registered instance (a component version and its license) to associate that instance with the inventory item. |
or
If you need to update the license for the existing instance that you want to associate with the inventory item, click the instance’s license in the Selected License column to display a dropdown that lists the licenses in categories. If you select the license from multiple licenses under the System Suggested License category or select the license from the Other Licenses category, the Update License Mapping window is displayed, giving you the option to save the license mapping at the system level. If you select Yes, all future inventory system-generated for the component version will be mapped to this license. (A user-preferred-license icon 
is displayed next to the license.) Any other instances for the same version in the list are replaced with this single instance that uses the user-preferred license. If you select No, the instance is simply updated. (For more information about saving the license mapping at the system level, see Specifying a User-Preferred License Mapping .
Note that you cannot create a custom license from the Lookup Component window to associate with a component version. However, you can create a custom license for the inventory item from its New Inventory window (after you select a component instance from the Lookup Component window) or from its Edit Inventory window. Alternatively, you can create custom licenses from the Policy Details window or from the Licenses tab on the Global Component & License Lookup page. For more information, see Creating and Editing Custom Licenses.
or
Click Register New Instance to create a new instance to associate with the inventory item. To create the new instance, select an existing component version (or choose the Create Custom Version value to specify a new version) and then select the license to associate with the instance. (See the previous paragraph for instructions on selecting a license. If you select No on the Update License Mapping window, a regular instance is added to the instance list for the component.) Once the new instance is created, click Use This Instance next to the new instance to associate it with the inventory item. (If you register a new component instance when creating inventory, the registered instance becomes available for selection across the system.)
Once the instance is selected, the Name and Description editable fields on the Inventory Details pane for the inventory item are automatically populated with information based on the registered instance you selected. Additionally, the Component and License fields are populated with the component, version, and license of the instance. Information 
icons are added so that you can view publicly available information about the selected component or its license.
You can also make a last-minute change to the selected component version or its associated license without returning to the Component Lookup feature. Simply click the Edit 
icon next to the Component or License value and select another version or license from respective dropdowns. If you select a new license, the Update License Mapping window might display (depending on your license selection). This window provides the option to save the license mapping for the component version at the system level. If you select Yes, all future inventory system-generated for the component version will be mapped to this license. If you select No, the license mapping for the component version is updated for the current inventory item only. (For more information about the Update License Mapping window and the option to save your license mapping at the system level, see Specifying a User-Preferred License Mapping .)
|
•
|
License Only—Create this type of inventory item if you know the license for the third-party code or artifact but do not know the component. (You can later edit this inventory item to convert it to one of the other inventory types.) This type of inventory is typically used for groups of files of unknown origin that are governed by a specific license. The inventory is affected by policies. |
When creating License Only inventory, also select the appropriate license from License dropdown list, which is enabled when you select this type.
The Name field for the inventory item is automatically populated with the name Files under <LICENSE_NAME> License, where <LICENSE_NAME> is license you selected. The 
icon is added so that you can view details about the selected license.(You can also click New to create a custom license. See When Creating or Editing a “License Only” Inventory Item for details.)
|
6.
|
Click Save. The name of the inventory item is added to the Inventory Items list. |
|
7.
|
(Optional) If you created a License Only inventory item, view details about the license selected for the new inventory item on the Licenses Details tab in the right pane. |