gradle - SCA 和 gradle 包装器集成

Question

注意到我可以在文档中使用 gradle 和 SCA

sourceanalyzer -b build gradle clean build

但是我正在尝试使用包装器，但我不断收到 sourceanalyzer error=2 ...

>>>>>>>sourceanalyzer -b buildxyz ./gradlew clean build
starting init script
TaskListener registered.
Configuration on demand is an incubating feature.
> Task :clean


FAILURE: Build failed with an exception.

* Where:
Initialization script '/Users/.../.fortify/sca17.2/build/buildxyz/init-script4841163810233991317.gradle' line: 203

* What went wrong:
java.io.IOException: Cannot run program "sourceanalyzer": error=2, No such file or directory
> Cannot run program "sourceanalyzer": error=2, No such file or directory

* Try:
Run with --stacktrace option to get the stack trace. Run with --info or --debug option to get more log output. Run with --scan to get full insights.

* Get more help at https://help.gradle.org

Deprecated Gradle features were used in this build, making it incompatible with Gradle 5.0.
See https://docs.gradle.org/4.8.1/userguide/command_line_interface.html#sec:command_line_warnings

即使只是使用 gradle，我也会得到一个不同的错误......

>>>>>>>sourceanalyzer -b buildxyz gradle clean build
[warning]: File clean not found

Answer 1

我使用 Fortify & gradle 的三步过程：

1. 干净的

   sourceanalyzer -b ${SEC_REPORT_NAME} -verbose -clean

2. 建造

   sourceanalyzer -b ${SEC_REPORT_NAME} -gradle -verbose gradle -Dorg.gradle.java.home=/opt/jdk8 ${SEC_BUILD_TARGETS}

3. 扫描

   sourceanalyzer -b ${SEC_REPORT_NAME} -verbose -scan -f ${SEC_TARGET}/${SEC_REPORT_NAME}.fpr

应用程序报告 ID在哪里${SEC_REPORT_NAME}- 每个步骤都应该相同 ${SEC_BUILD_TARGETS}是 gradle 的标准构建目标（“干净构建”） ${SEC_TARGET}是输出目录

Answer 2

看起来“sourceanalyzer”不在路径中，因为根据此消息在系统上找不到它：

• 出了什么问题：java.io.IOException：无法运行程序“sourceanalyzer”：错误=2，没有这样的文件或目录

  无法运行程序“sourceanalyzer”：错误=2，没有这样的文件或目录

确保 sourceanalyzer 安装在本地和路径中。

Answer 3

如果您遇到此错误，则基本上是由于未将 Fortify 安装添加到系统的PATH.

从技术上讲，您可以执行以下任何操作：

MAC/Linux

zsh:
export PATH="/Application/<Fortify Installation Dir>/bin:$PATH" >> ~/.zshrc

bash:
export PATH="/Application/<Fortify Installation Dir>/bin:$PATH" >> ~/.bashrc

视窗：

将 bin 安装目录添加到 GUI 路径。