HP Fortify - Steps
Steps
Steps
Process steps in the HP Fortify plug-in
Fortify Build
Run a build using Fortify
| Name | Type | Description | Required |
|---|---|---|---|
| Build Id | String | The build id for HP Fortify | Yes |
| Build Options | String | The options passed to the SourceAnalyzer. Each argument should be on a new line. | No |
| HP Fortify Configuration | No | ||
| Java Memory Setting | String | An optional argument given to the HP Fortify scan to allocate its maximum memory. Example: -Xmx1200m | No |
| SourceAnalyzer Options | String | A list of new-line or space separated options to add to the SourceAnalyzer command. Example: -64 | No |
Fortify Clean
Run a clean with the Fortify SourceAnalyzer
| Name | Type | Description | Required |
|---|---|---|---|
| Build Id | String | The build id for HP Fortify | Yes |
| HP Fortify Configuration | No | ||
| Java Memory Setting | String | An optional argument given to the HP Fortify scan to allocate its maximum memory. Example: -Xmx1200m | No |
| SourceAnalyzer Options | String | A list of new-line or space separated options to add to the SourceAnalyzer command. Example: -64 | No |
Fortify Scan
Run a scan using Fortify and upload the results to uBuild
| Name | Type | Description | Required |
|---|---|---|---|
| Build Id | String | The build id for HP Fortify | Yes |
| HP Fortify Configuration | No | ||
| Java Memory Setting | String | An optional argument given to the HP Fortify scan to allocate its maximum memory. Example: -Xmx1200m | No |
| Report Name | String | The name of the report | Yes |
| Scan File | String | The output file of the scan. The file name must be in FVDL format. | Yes |
| SourceAnalyzer Options | String | A list of new-line or space separated options to add to the SourceAnalyzer command. Example: -64 | No |
Fortify Upload
Upload the Fortify scan output to the HP Fortify and uBuild servers
| Name | Type | Description | Required |
|---|---|---|---|
| HP Fortify Configuration | No | ||
| Project | String | The Project name in the HP Fortify server to upload results to | Yes |
| Report Name | String | The name of the report | Yes |
| Scan File | String | The output file of the scan. The file name must be in FVDL format. | Yes |
| Version | String | The Project Version name in the HP Fortify server to upload results to. | Yes |
Roles in the HP Fortify plug-in
The plug-in adds these roles automatically to resources. You cannot add these roles manually.
HP Fortify Configuration
| Name | Type | Description |
|---|---|---|
| Access Token | Password | Access Token to use to log in to the HP Fortify server instead of using a username and password |
| Command Path | String | Optional path to the SourceAnalyzer and FortifyClient executables if not on the path. This should only be the path to the directory containing them. |
| Password | Password | Password to login to the HP Fortify server |
| Server URL | String | URL to the HP Fortify server web interface. This should include protocol and port if needed. Eg. http://fortify.example.com:8080 |
| Username | String | Username to login to the HP Fortify server |