Skip to content
This repository has been archived by the owner on Nov 24, 2019. It is now read-only.

jenkinsci/fortify-cloudscan-plugin

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

220 Commits

docs/images

docs/images

 
 

src/main

src/main

 
 

Jenkinsfile

Jenkinsfile

 
 

LICENSE.txt

LICENSE.txt

 
 

README.md

README.md

 
 

pom.xml

pom.xml

 
 

release.sh

release.sh

 
 

Repository files navigation

Build Status License

Fortify CloudScan Jenkins Plugin

Fortify CloudScan allows an organization to host their own internal cloud-based infrastructure of Static Code Analyzer (SCA) machines that are distributed jobs by a centralized controller and optionally integrated with Software Security Center (SSC). CloudScan is included with Fortify 4.30 and higher and was an optional component in previous versions of Fortify.

This plugin provides simple configuration of CloudScan jobs without sacrificing the flexibility of performing custom scan jobs.

Deprecation Notice

With the launch of Fortify 19.2 in November 2019, Micro Focus now supports Scan Central (aka CloudScan) in the Jenkins plugin. The official support goes beyond the capabilities offered in this plugin and as a result, this plugin is being deprecated. As of November 24 2019, this plugin will no longer be maintained. Please consider migrating to the official Fortify plugin.

Usage

Step 1 - Configure Fortify CloudScan global parameters

global configuration

Add the URL to Fortify CloudScan and to Software Security Center (SSC). Using SSC is optional but recommended. When SSC is used, the controllers URL will be resolved from SSC. However, scans can also be sent directly to the controller without passing through SSC. When using SSC, a token will be required for authentication. This token is only used for displaying projects and project versions in the job configuration. The token should be assigned to a user with the ability to read all projects and versions from SSC.

Step 2 - Configure job to invoke Fortify CloudScan

job configuration

Fill out the required Build ID field and optionally the other fields. When using SSC, the plugin can perform lookups for project version id's based on the selected project and version retrieved dynamically from SSC.

Selected the 'Advanced' button will provide configuration for commonly used advanced parameters. If custom parameters are required, use the 'Advanced Scan Arguments' textbox.

advanced job configuration

Copyright & License

Fortify CloudScan Jenkins Plugin is Copyright (c) Steve Springett. All Rights Reserved.

Fortify and Fortify CloudScan are Copyright (c) Micro Focus All Rights Reserved.

Permission to modify and redistribute is granted under the terms of the Apache 2.0 license. See the LICENSE file for the full license.

About

Jenkins plugin for Fortify CloudScan

Topics

jenkins-plugin sca fortify cloudscan

Resources

Readme

License

Apache-2.0 license

Code of conduct

Code of conduct

Security policy

Security policy
Activity
Custom properties

Stars

9 stars

Watchers

4 watching

Forks

11 forks
Report repository

Releases

12 tags

Packages

No packages published

Contributors 3

  •  
  •  
  •  

Languages