Help Center/ KooGallery/ Seller Guide/ Product Release/ Common Product Release/ License Release Guide/ Adding and Managing Application Assets
Updated on 2025-12-02 GMT+08:00
View PDF
Share

Adding and Managing Application Assets

KooGallery provides a unified asset management center for you to add, modify, delete, and perform other operations on assets.

You can release application assets added to KooGallery as commercial license software later. Before releasing an application asset, ensure that its software package complies with Asset Security Standards.

Asset Security Standards

After you submit a request for releasing an application asset, KooGallery automatically scans the software package of the asset against items listed in the following table.

Item

Requirement

Virus

Software packages cannot contain viruses, Trojan horses, or malicious programs.

Software package vulnerability

Software packages cannot contain high-risk vulnerabilities whose CVSS score is 7.0 or higher.

Supported Software Package Formats for Scanning

  • Binary package

    Item

    Description

    Language

    C, C++, Java, Go, JavaScript, Python, Rust, Swift, C#, and PHP

    Package format

    Installation package formats: .zip, .tar, and .tar.gz

    Names: Package names can include letters, digits, hyphens (-), underscores (_), and parentheses.

    File content formats: cramfs, yaffs, JFFS2, SquashFS, UBI, ISO 9660/UDF, Windows Imaging Format (WIM), Ext2, Ext3, Ext4, UBIFS, romfs, Microsoft disk image, Macintosh HFS, VMDK/OVA, QCOW2, and VDI

    Firmware formats: Android OTA Images, Android sparse image, MOT, Intel HEX, RockChip, and U-Boot (uImage, FIT image, and zImage)

    Executable file formats: PE and ELF

    Mobile app formats: Android, HarmonyOS, and iOS

    OS and CPU architecture

    Binary files built on the following OSs: Linux, Windows, Android, QNX, macOS, and RTOS

    CPU architectures: x86/x64, Arm/Arm64, MIPS, and PowerPC

    Package size

    Up to 20 GB
  • Docker image package

    Item

    Description

    Language

    C, C++, Java, Go, JavaScript, Python, Rust, Swift, C#, and PHP

    Package format

    Installation package formats: .zip, .tar, and .tar.gz

    Names: Package names can include letters, digits, hyphens (-), underscores (_), and parentheses.

    Container image format: .tar

    If there are multiple container images, pack each container image into a .tar file. Then combine all these .tar files into a .tar, .tar.gz, or .zip package.

    File format: OCI

    Container image version

    20.10 or later

    Example command for packing container images:

    docker save --format oci -o <Output file name.tar> <Image name:Tag>

    Package size

    Up to 20 GB

Adding an Asset

  1. Log in to the Seller Console using your Huawei Cloud account that you used to register with KooGallery.
  2. In the navigation pane, choose Product Management > My Assets. On the displayed page, click Add Asset in the upper right corner.
  3. In the Select Asset Type dialog box, set Category to Application and click OK.
  4. Enter related information as prompted and click Submit for Review. Then you can check the asset review status.

    1. If the size of the software package is greater than 1 GB, upload it to an OBS bucket under your account first. For details, see Using OBS Console.
    2. Check your software package against the KooGallery Product Security Review Standards 3.0. If it fails the check, rectify the issues first.

Checking the Asset Review Status

You can check the review status on the Requests tab under Product Management > My Assets.

  1. Approved: You can release the asset as a commercial license.
  2. Scanning: Wait for the system to check whether it complies with Asset Security Standards. If you have any questions, submit a service ticket to contact the customer service.
  3. Rejected: Click Details. On the asset details page, scroll down to Version Information and click the security scan report to download and view it.

    • If the security issues have been rectified, click Modify, upload the rectified software package, and submit it for review again.
    • If there are false positives, click Appeal to file an appeal.
      1. Enter the false positive conclusion in columns F, G, and H in the downloaded Security Scanning Report and save it.

      2. Click Upload Proof, upload the saved file, and click Submit in the lower right corner. The asset status changes to Reviewing. KooGallery will review the asset within three working days.

Modifying an Asset

  1. Choose Product Management > My Assets and click Modify in the Operation column.

  2. Under Version Information, click Modify in the row of a version.

  3. Click Upload File and select a new software package.

  4. Click Submit for Review.

Deleting an Asset

You can delete assets that are not associated with products and those in the draft box.

On the Product Management > My Assets page, click Delete in the Operation column and confirm the deletion.

Parent topic: License Release Guide