Integrate Coverity scan to Opsera pipeline as a security gate.
Tool Registry - Coverity tool Configuration
Click Tool Registry under Operations in Home page
Click ‘New Tool’ button to add Coverity
3.Provide a Tool name and select Coverity as Tool Identifier
4. Provide a description and click Create .
5. In Tool Details of new Coverity tool, navigate to the Connections tab and provide URL, Username and Password, upload the license file by clicking “Select Coverity License”
6. Click Save. Navigate to usage Tab or another tab, then back to Connection tab. Click Test Connection to validate the connectivity. If tool connection is successful, you will receive the following messages:
Tool Registry - Jenkins tool Account Configuration using Coverity
Navigate to Tool Registry and choose the Jenkins tool associated with your pipeline.
2. In Accounts tab click '+ Register New Account Credentials' button
3. Select Coverity from the drop down and the Coverity tool from the Tool drop down. Provide a Credential Name and Description for pipeline reference.
Tool Registry - Jenkins tool Job Configuration using Coverity
Coverity provides Linux Windows-based support as well as Ubuntu support.
Navigate to the Jobs tab and select ‘+ New Jenkins Job’ button
Select Coverity Scan from the Job Type dropdown. Provide a Name and Description for pipeline reference. Select ‘Ubuntu Agent’ or ‘Windows Agent’ from the Agent Label dropdown.
Click the ‘Create’ button.
Pipeline Coverity Configuration
1. Navigate to Pipelines to add Coverity tool to pipeline for code scan.
2. Open any pipeline and Click workflow → Edit Workflow → Click + icon to add Coverity step
3. Provide a unique Step Name of your choice. Choose Coverity from the Tool dropdown.
4. Click the ‘Save’ button and Click the Setting wheel icon to add the Coverity Configurations from Tool Registry.
5. Choose the Jenkins tool associated with the Coverity Tool
6. Select the Coverity Tool, Coverity Credentials and Coverity Project Name from the respective dropdown.
7. Provide the Coverity Stream Name.
8. From the .Net CLI Type dropdown, select .Net (core) or .Net Framework.
9. From the .Net SDK Version dropdown, select the .Net Framework or .Net Core Version.
10. Make selections from the following dropdowns to choose what needs to be scanned: Select SCM Account , Repository and Branch.
11. Click ‘Save’ button and exit the Step Configuration form.
12. Click Start Pipeline to execute the Coverity Step.
Pipeline Logs
1. Navigate to ‘Summary’ view to validate the Coverity Console output.
2. Click ‘Console Log’ to view the logs.
3. Click the X on top of the screen to go to the summary view to validate other stages in the pipeline.