How can i generate single fortify FPR report for multi level maven project ?? can some one tell what should be the maven goal in jenkins.#fortify #jenkins

How can i generate single fortify FPR report for multi level maven project ?? can some one tell what should be the maven goal in jenkins.

#fortify #jenkins

  • I recommend that you use the 16.10 version of the SCA maven plugin; it makes translating and scanning multiple modules into one FPR a lot easier than previous versions of the plugin. By default, the 16.10 maven plugin will clean, translate and scan multiple modules in the aggregate and generate a single analysis results file.

    Further details on using the plugin with multiple modules (and other use cases) can be found by consulting the plugin's documentation. This can be found at <SCA Install Folder>/plugins/maven/maven-plugin-bin/docs/index.html

    From there, for the multiple modules information, click "Usage" on the left, then "Direct Invocation". Lower down the page there is a section named "Analyzing a multiple-module project".

    -Josh

    Fortify L3 Support Engineer