Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Integrate Coverity scan to Opsera pipeline as a security gate.

Table of Contents
minLevel1
maxLevel7

Tool Registry

...

Setup

Coverity

...

Tool Configuration

  1. Click Tool Registry under Operations in Home page .

  2. Click ‘New ‘+ New Tool’ button to add Coverity.

3. Locate the Coverity tool and click ‘Select Tool’ button.

...

4. Provide a Tool name Name and select Coverity as Tool Identifier.

...

45. Provide a description and click Create .

56. In Tool Details of new Coverity tool, navigate to the Connections tab and provide URL, Username and Password, upload the license file by clicking Select Coverity License

...

6. Click Save. Navigate to usage Tab the ‘Select Coverity License’ button.

...

7. Click the ‘Save’ button. Navigate to Usage tab or another tab, then back to Connection tab. Click Test Connection ‘Test Connection’ button to validate the connectivity. If tool connection is successful, you will receive the following messages:

...

Jenkins Tool

...

Account Configuration using Coverity

...

  1. Navigate to Tool Registry and choose the Jenkins tool associated with your pipeline.

...

2. In Accounts tab click '+ Register New Account Credentials”

...

Credentials' button.

...

3. Select Coverity from the drop down Platform dropdown and the Coverity tool from the Tool drop down. Provide a Credential Name and Description for pipeline reference.

Jenkins Tool Job Configuration using Coverity

Coverity provides Linux Windows-based support as well as Ubuntu support.

  1. Navigate to the Jobs tab and select ‘+ New Jenkins Job’ button

    Image Added
  2. Select Coverity Scan from the Job Type dropdown. Provide a Name and Description for pipeline reference. Select ‘Ubuntu Agent’ or ‘Windows Agent’ from the Agent Label dropdown.

    Image Added
  3. Click the ‘Create’ button.

Coverity Pipeline

Coverity Pipeline Configuration

1. Navigate to Pipelines to add Coverity tool to pipeline for code scan.

2. Open any pipeline and Click workflow → Edit Workflow → Click + icon to add Coverity step

...

3. Provide a unique step name Step Name of your choice and choose Coverity in Tool drop down. Choose Coverity from the Tool dropdown.

...

4. Click Save the ‘Save’ button and Click the Setting wheel icon to add the Coverity Configurations from Tool Registry.

...

5. Choose the Jenkins tool associated to with the Coverity Tool

...

6. Add Select the Coverity tool and credentials from the Drop downTool, Coverity Credentials and Coverity Project Name from the respective dropdown.

7. Provide the Coverity Stream Name.

8. Choose the . From the .Net CLI Type dropdown, select .Net (core) or .Net Framework.

...

9. From the .Net SDK Version dropdown, select the .Net Framework or .Net Core Version.

10. Make selections from the following dropdowns to choose what needs to be scanned: Select SCM Account , Repository and Branch that needs to scanned part of the pipeline.

911. Click Save ‘Save’ button and exit the Step configuration Configuration form.

...

1012. Click Start Pipeline to execute the Coverity Step.

...

Pipeline Logs

1. Navigate to Summary view to validate the Coverity Console output.

...

2. Click the Console Log ‘Console Log’ to view the logs.

...

3. Click the X on top of the screen to go to the summary view to validate other stages in the pipeline.