We did a Fortify on-premises trial and recently purchased it. We are running SSC, SCC, and SCA 20.1 all on Windows 2019 server (1 server for each). We are primarily scanning .NET projects and individual PL/SQL files.
We are using Azure DevOps to launch builds on build servers. We have the Azure DevOps Fortify plugin. The scan central tools are installed on the build servers so that the Azure DevOps plugin can run them. On the build servers it is just the software so it can be run; SCA is not configured as a service that can be run from SCC on the build servers.
For the .NET projects, we run the translate step with the .sln file on the build servers and then have it sent to SCC for further scanning.
Jobs are sent to scan central via the Azure DevOps plugin, which queues them and runs them on the SCA server. The .NET projects do the translation step with the .sln files on the build server.
What I've found is that the translate and scan processes leave large files behind that quickly fill up all your disk space.
On the build servers, the files accumulate here:
I found that if I run clean after the Scan Central upload (via the Azure DevOps plugin) that most of the time these intermediate files get cleaned up, but sometimes files aren't cleaned up. (I haven't analyzed them, but it's possible the script failed and it skipped the clean step.)
On the SCA server (an agent controlled by scan central), I'm accumulating many files here:
Is there an "official" way I should be cleaning up these disk-consuming files? Or do I just need to create a scheduled job that deletes everything more than x days old?
I realize that there can be situations where you don't want to delete the files. I think they are the following:
- Performing incremental scans
In our setup, I'm not really interested in #2 and if I need #1 I could disable a scheduled job.
Thanks for any guidance.