Integrate Coverity scan to Opsera pipeline as a security gate.
Note: Coverity is a licensed tool and please open an support Jira request as it requires work from our end to add your license to enable the integration.
...
| Table of Contents | ||||
|---|---|---|---|---|
|
Tool Registry Setup
Coverity Tool Configuration
Click Tool Registry under Operations in Home page .
Click ‘+ New Tool Tool’ button to add Coverity.
3. Locate the Coverity tool and click ‘Select Tool’ button.
...
4. Provide a Tool name Name and search for select Coverity under as Tool Identifier.
...
45. Provide a description and click Create .
5.Click the connections tab in the Coverity 6. In Tool Details of new Coverity tool, navigate to the Connections tab and provide URL, User name Username and Password, upload the license file by clicking the ‘Select Coverity License’ button.
...
6
7. Click Save and go to usage Tab and come the ‘Save’ button. Navigate to Usage tab or another tab, then back to Connection tab to click Test connection . Click ‘Test Connection’ button to validate the connectivity7.Go . If tool connection is successful, you will receive the following messages:
...
Jenkins Tool Account Configuration using Coverity
Navigate to Tool Registry and choose the Jenkins tool associated
...
with your pipeline.
...
82. Click the In Accounts Tab and tab click “'+ Register New Account Credentials”
...
9.Add the Coverity from the drop down to add the tool and provide Credential name and Description for pipeline reference.
10. Click Pipelines to add Coverity Credentials' button.
...
3. Select Coverity from the Platform dropdown and the Coverity tool from the Tool drop down. Provide a Credential Name and Description for pipeline reference.
Jenkins Tool Job Configuration using Coverity
Coverity provides Linux Windows-based support as well as Ubuntu support.
Navigate to the Jobs tab and select ‘+ New Jenkins Job’ button
Select Coverity Scan from the Job Type dropdown. Provide a Name and Description for pipeline reference. Select ‘Ubuntu Agent’ or ‘Windows Agent’ from the Agent Label dropdown.
Click the ‘Create’ button.
Coverity Pipeline
Coverity Pipeline Configuration
1. Navigate to Pipelines to add Coverity tool to pipeline for code scan.
112. Open any pipeline and Click workflow ->Edit → Edit Workflow → click Click + icon to add Coverity step
...
12
3. Provide the step name (can be any) and choose the Tool Coverity
...
13. Click Save a unique Step Name of your choice. Choose Coverity from the Tool dropdown.
...
4. Click the ‘Save’ button and Click the Setting wheel icon to add the Coverity Configurations from Tool Regsitry14Registry.
...
5. Choose the Jenkins tool associated to with the Coverity Tool
...
15
6. Add Select the Coverity tool and credentials from the Drop down 16Tool, Coverity Credentials and Coverity Project Name from the respective dropdown.
7. Provide the Coverity Stream Name17.Choose the .
8. From the .Net CLI Type dropdown, select .Net (core) or .Net Framework.
...
9. From the .Net SDK Version dropdown, select the .Net Framework or .Net Core Version.
10. Make selections from the following dropdowns to choose what needs to be scanned: Select SCM Account , Repository and Branch that needs to scanned part of the pipeline18.Click Save .
11. Click ‘Save’ button and exit the Step configuration Configuration form.
...
1912. Click Start pipeline Pipeline to execute the Coverity Step.
...
Pipeline Logs
1. Navigate to Summary view to validate the Coverity Console output.
...
212. Click the Console Output ‘Console Log’ to view the logs.
...
223. Click the X on top of the screen to go to the summary view to validate other stages in the pipeline.