[JENKINS-52803] IBM Application Security on Cloud plugin does not currently allow for third party code to be scanned

Type: Bug
Resolution: Unresolved
Priority: Minor
Component/s: ibm-security-appscansource-scanner-plugin
Labels:
- plugin

Similar Issues:
Powered by SuggestiMate

Show

I get the following message when trying to scan code on our jenkins server using the plugin mentioned above:

Static Analyzer has determined that you are only scanning third party code. To enable the scanning of third party code, regenerate the IRX file using the --thirdParty option.

ERROR: Failed to run the security scan: Problems occurred generating the IRX file. See /home/ibmadmin/rpcatal/Spark-DK/core/SparkyScan_2018-07-27_15-37-04_logs.zip for details.
Finished: FAILURE

Since this --thirdparty command is to be issued on the command line before the IRX file is generated, I have no way of doing this. There should be an option, like a checkbox or something in the build step for this plugin that allows you to specify whether or not the code is third party so the code scan can run.

- - Sort By Name
  - Sort By Date
  - Ascending
  - Descending
  - Thumbnails
  - List
  - Download All

jenkins_asoc_plugin_error.PNG
39 kB
2018-07-30 19:26

Assignee:: Kevin Fealey

Reporter:: Robert Catalano

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Created:: 2018-07-30 19:26

Updated:: 2018-08-20 19:37

Jenkins

Details

Description

Attachments

Attachments

Activity

People

Dates