Analysis and Report Configuration
Analysis and report configuration can be done in two ways:
- using a Freestyle project
- using a Jenkins Pipeline
Freestyle Project
- Select the desired Item, click Configure, and go to step 5. Alternatively, create a New Item.
Figure 10.13: Jenkins: New Item
- Enter the Item's name.
- Select Freestyle project.
Figure 10.14: Jenkins: Freestyle Project
- Click OK.
- In the Add Build Step field of the Build section, select Execute DerScanner Static Analysis.
- In the DerScanner project ID section that appears:
  - Enter the project UUID. The Project UUID is the identifier of an existing DerScanner project; you can copy it from the side menu of the project. Example: 9feefaf0-4c17-47fe-b1f5-f7f64d4da722. If the Project UUID field is not empty, the scan settings below re-configure that DerScanner project. If the Project UUID field is empty, the Jenkins plugin creates a new project in DerScanner.
  - Select a server.
- Configure other scan settings (if necessary). See Settings for more information about scan settings.
- In the Add post-build action section, select DerScanner Static Analysis report export in PDF and configure it (if necessary). See Export Report for more information about report parameters.
- Click Save.
Figure 10.15: Jenkins: Post Build Actions
Pipeline
- Select the desired Item, click Configure, and go to step 5. Alternatively, create a New Item.
- Enter the Item's name.
- Select Pipeline.
- Click OK.
- In the Pipeline section of the project configuration page that opens, click Pipeline Syntax.
Figure 10.16: Jenkins: Pipeline Syntax
- In the browser tab that opens, in the Sample Step field of the Steps section, select step: General Build Step.
- In the Build Step field, select Execute DerScanner Static Analysis.
Figure 10.17: Jenkins: Build Step
- In the DerScanner project ID section that appears:
  - Enter the project UUID. The Project UUID is the identifier of an existing DerScanner project; you can copy it from the side menu of the project. Example: 9feefaf0-4c17-47fe-b1f5-f7f64d4da722. If the Project UUID field is not empty, the scan settings below re-configure that DerScanner project. If the Project UUID field is empty, the Jenkins plugin creates a new project in DerScanner.
  - Select a server.
- Configure other scan settings (if necessary). See Settings for more information about scan settings.
- Click Generate Pipeline Script.
Figure 10.18: Jenkins: Generate Pipeline Script
- Copy the generated script so that you can paste it into the Script field on the project configuration page (step 5).
- Return to the Pipeline Syntax tab.
- In the Build Step field, select DerScanner Static Analysis report export in PDF.
Figure 10.19: Jenkins: Report Export in PDF
- In the form that appears, configure the report generation options (if necessary). See Export Report for more information about report parameters.
- Click Generate Pipeline Script.
- Copy the generated script so that you can paste it into the Script field on the project configuration page (step 5).
Example:
```groovy
pipeline {
    agent any
    stages {
        stage('code_obtain') {
            steps {
                git 'https://github.com/example.git'
            }
        }
        stage('analysis') {
            steps {
                // Script generated for the "Execute DerScanner Static Analysis" build step
                step([
                    $class: 'InCodeBuilder',
                    analyzeConfig: true,
                    analyzeJsLibs: false,
                    analyzeLib: true,
                    configUuid: '75ed295c-728a-409a-9c5d-de85ad30b932',
                    dirExc: '',
                    dirInc: '**',
                    extrules: false,
                    incremental: false,
                    // Only entries with checked: true are selected for analysis
                    langs: [
                        [checked: false, name: 'Java, Scala, Kotlin', value: 'JAVA'],
                        [checked: false, name: 'PHP', value: 'PHP'],
                        [checked: true, name: 'C#', value: 'CS'],
                        [checked: false, name: 'JavaScript', value: 'JAVASCRIPT'],
                        [checked: false, name: 'LotusScript', value: 'LOTUS'],
                        [checked: false, name: 'TypeScript', value: 'TYPESCRIPT'],
                        [checked: false, name: 'VBScript', value: 'VBSCRIPT'],
                        [checked: false, name: 'HTML5', value: 'HTML5'],
                        [checked: false, name: 'Python', value: 'PYTHON'],
                        [checked: true, name: 'C/C++', value: 'CCPP'],
                        [checked: false, name: 'Objective-C', value: 'OBJC'],
                        [checked: false, name: 'Swift', value: 'SWIFT'],
                        [checked: false, name: 'PL/SQL', value: 'PLSQL'],
                        [checked: false, name: 'T-SQL', value: 'TSQL'],
                        [checked: false, name: 'ABAP', value: 'ABAP'],
                        [checked: false, name: '1C', value: 'ONES'],
                        [checked: false, name: 'Apex', value: 'APEX'],
                        [checked: false, name: 'Go', value: 'GO'],
                        [checked: false, name: 'Ruby', value: 'RUBY'],
                        [checked: false, name: 'Rust', value: 'RUST'],
                        [checked: false, name: 'Groovy', value: 'GROOVY'],
                        [checked: false, name: 'Dart', value: 'DART'],
                        [checked: false, name: 'Delphi', value: 'DELPHI'],
                        [checked: false, name: 'VBA', value: 'VBA'],
                        [checked: false, name: 'Visual Basic 6', value: 'VB'],
                        [checked: false, name: 'Solidity', value: 'SOLIDITY'],
                        [checked: false, name: 'COBOL', value: 'COBOL']
                    ],
                    mobileApp: false,
                    noBuild: true,
                    // Empty Project UUID: the plugin creates a new project in DerScanner
                    projectUuid: '',
                    ruleSets: [],
                    sourceEncoding: 'UTF-8',
                    visualStudio: false
                ])
            }
        }
        stage('report_extraction') {
            steps {
                // Script generated for "DerScanner Static Analysis report export in PDF"
                step([
                    $class: 'InCodePublisher',
                    classificationVul: 'CR',
                    comparisonScan: '',
                    criticalVul: true,
                    f5: false,
                    fixedIssues: false,
                    impervaSecure: false,
                    includeComparison: false,
                    includeDeleted: false,
                    includeNotDecompiled: false,
                    includeStd: false,
                    lowLevelVul: false,
                    midLevelVul: true,
                    modSecurity: false,
                    newIssues: true,
                    savedIssues: true,
                    scanDuration: true,
                    scanHistory: false,
                    score: true,
                    vulTable: true
                ])
            }
        }
    }
}
```
- Click Save.
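
Because an empty Project UUID makes the plugin create a new DerScanner project while a filled one re-configures the existing project, it is worth checking a Jenkinsfile for this before it is merged. The following check is an added example, not part of the DerScanner plugin or its documentation; the function name, the effect labels and the abridged sample step are assumptions made for illustration.

```python
import re

# Constructed sample: an abridged copy of the 'analysis' step from the example above.
SAMPLE_JENKINSFILE = """
stage('analysis') {
    steps {
        step([
            $class: 'InCodeBuilder',
            langs: [
                [checked: false, name: 'PHP', value: 'PHP'],
                [checked: true, name: 'C#', value: 'CS'],
                [checked: true, name: 'C/C++', value: 'CCPP']
            ],
            projectUuid: '',
            sourceEncoding: 'UTF-8'
        ])
    }
}
"""

# Body of each step([... $class: 'InCodeBuilder' ...]) call, up to its closing "])".
STEP_RE = re.compile(r"step\(\[\s*\$class:\s*'InCodeBuilder'(.*?)\]\)", re.S)
UUID_FIELD_RE = re.compile(r"projectUuid:\s*'([^']*)'")
CHECKED_LANG_RE = re.compile(
    r"\[checked:\s*true,\s*name:\s*'[^']*',\s*value:\s*'([^']*)'\]")
CANONICAL_UUID_RE = re.compile(r"[0-9a-fA-F]{8}(?:-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12}")

def review_scan_steps(jenkinsfile_text):
    """Return one finding per InCodeBuilder step (hypothetical helper)."""
    findings = []
    for step in STEP_RE.finditer(jenkinsfile_text):
        body = step.group(1)
        found = UUID_FIELD_RE.search(body)
        # Assumption: a missing projectUuid key is treated like an empty field.
        project_uuid = found.group(1).strip() if found else ""
        if not project_uuid:
            effect = "creates-new-project"
        elif CANONICAL_UUID_RE.fullmatch(project_uuid):
            effect = "reconfigures-existing-project"
        else:
            effect = "invalid-uuid"
        findings.append({"projectUuid": project_uuid, "effect": effect,
                         "languages": CHECKED_LANG_RE.findall(body)})
    return findings
```

Running `review_scan_steps` on the sample reports one step that creates a new project and scans only the `CS` and `CCPP` languages.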