Micro Focus Fortify SSC
Use the Micro Focus Fortify SSC bundled plugin to upload Fortify SCA scan results to Micro Focus Fortify Software Security Center.
Review these considerations before using the Micro Focus Fortify SSC plugin:
This plugin works together with the Fortify SCA plugin. When you run the Fortify SCA scan, you can then use the Fortify SSC plugin to pick up the scan results and upload them to Fortify Software Security Center.
For details about the Fortify SCA plugin, see Micro Focus Fortify SCA.
If the processing of the Fortify scan results requires approval, make sure that the approval is granted through Fortify Software Security Center before you run the chain. Otherwise, the plugin step cannot complete.
When you add the Fortify SSC plugin to a chain, specify the following configuration details:
|Title||Enter a name for this plugin step.|
|Fortify Software Security Center URL||
Enter the Fortify Software Security Center server URL. You can set it as a global variable, for example:
For details, see Define chain and global variables.
|Application name||Enter the name of the application for which to store the scan results in Fortify Software Security Center.|
Enter the version number associated with the application. If it doesn't exist, the plugin creates it.
To use the build number as the application version, set it as a variable:
For details about built-in variables, see Use variables in chains.
|Results file location (.fpr)||
Enter the local path to the Fortify Project Results (FPR) file generated by the Fortify SCA plugin.
Leave empty to pick up the latest FPR file in the agent's workspace.
(Optional) To filter the scan results based on a filter set, specify the ID of the filter set.
Leave empty to use the default filter set defined in Fortify Software Security Center.
|Use advanced options||
Provide the authentication tokens created in Fortify Software Security Center:
Optionally, set the status check and timeout:
(Optional) Expand Control options and define the following settings:
|Output variables||(Optional) Enter the variables to be passed to other steps down the chain. For details, see Publish output variables.|