Integrating Fortify into a Build Process
I am attempting to see if I can integrate Fortify scans into my build process. I have done some research, but can't seem to find anyway to extract scripts from Fortify's audit workbench. Is this at all possible? Should I just build a batch file to accomplish this?
Building your own batch file would be the best approach.
You can get information on scanning your projects from the HPE Security Fortify Static Code Analyzer User Guide and from help file of the commandline sourceanalyzer -h
It really is a three step process
- Clean
- Translate
- Scan
There are examples at the top of the help file.
If you wanted, you could also use the Scan Wizard tool, but personally I do not like using it for build integration long term. It creates a complicated batch file, it specifies files specifically (so if new files get added over time it will not pick them up).
If you want to know how Audit workbench performs it scans, you can add the following command options: "-verbose" "-debug" "-logfile" "c:\temp\translate.log" or "c:\temp\scan.log"
Then you can look at the log files for the line that is "Args:" This will contain a list of arguments (in quotes and separated by commas) of what command-line arguments were passed to sourceanalyzer.exe.
With this information, you could create a batch file to run and perform the scan. (Make sure the batch file has all three steps I mentioned earlier).
The GUIs are just a front end for sourceanalyzer.exe
- How to deploy artifact to github releases using TeamCity
- SQL Exception when starting TeamCity
- Change port for TeamCity web server
- The "TransformXml" task was not found (error MSB4036) on TeamCity build
- Microsoft NuGet targets Error while building Project from Teamcity
- Run CI build on pull request merge in TeamCity
- How to get a teamcity.build.branch from TeamCity
- How to stop "Just In Time Debugging" messages blocking a buildserver
- C# Object Initializers and v2.0 compiler error
- How to build .vdproj msi using TeamCity?
- Unexpected at this time
- Using the percent sign in TeamCity build scripts
- Teamcity build log
- MSBuild error MSB3021: Unable to copy file. Could not find file 'obj\Release\myWebProject1.dll'
- NPM Install failing in docker container - npm WARN tar ENOENT: no such file or directory
- Pytests failing on Teamcity due to Matplotlib backend
- Nuget Packages exclude version in folder naming
- HTTP Error 401: Unauthorized using urllib.request.urlopen
- Unable to delete file SQLite.Interop.dll, access to the path '' is denied when trying to clean multi targeting (net472 and netstandard2.0) project
- SpecFlow/MSBuild Codebehind Gen - Generate All task
- TeamCity BuildAgent does not see the network drive
- dotnet test command not finding Microsoft.TextTemplating.targets
- How to change TeamCity data directory?
- npm check and update package if needed
- How to specify space or tab as separator in teamcity multiple parameter specification
- PowerShell exit code is always 0 in TeamCity 8 build step
- how to run hg recover command on a remote repository
- Merge InspectCode (Resharper) and OpenCover code coverage report into Sonar Qube Build
- MSBuild is replacing Newtonsoft.Json.dll with an older version
- How to Publish Web with msbuild?