Create version under existing application in Fortify SSC dynamically using REST API

Hello,

We have configured Fortify ScanCentral with Azure. We require version under the existing application to be created automatically in Fortify SSC. I tried Fortify SSC REST API with the below payload. It's creating new application and also version. But we are looking for version to be created within the existing application in Fortify SSC automatically whenever we pass new version from Azure pipeline. 

Could you please let us know possible way to do this? Can we do this via REST API?

POST to /ssc/api/v1/projectVersions

Payload:

{

  "name": "1.0",

  "description": "",

  "active": true,

  "committed": false,

  "project": {

    "name": "Test Application 2",

    "description": "",

    "issueTemplateId": "Prioritized-HighRisk-Project-Template"

  },

  "issueTemplateId": "Prioritized-HighRisk-Project-Template"

}

  • To your question:

    Payload:

    {

      "name": "1.0",

      "description": "",

      "active": true,

      "committed": true,

      "project": {

       "id": <id of the project>

        "name": "Test Application 2",

        "description": "",

        "issueTemplateId": "Prioritized-HighRisk-Project-Template"

      },

      "issueTemplateId": "Prioritized-HighRisk-Project-Template"

    }

    __________

    We have another problem... Updated the SSC Version to 21.10 and since this time our call with payload 

    POST /api/v1/projectVersions

    Headers FortifyToken 12345-12345...

    {
        "name""master",
        "description""VER desc",
        "active"true,
        "committed"false,
        "project": {
            "name""CREATETEST",
            "description""APP desc",
            "issueTemplateId""eab23ba9-02a7-486c-8ec2-20b085811385"
        },
        "issueTemplateId""eab23ba9-02a7-486c-8ec2-20b085811385"
    }
    is failing with status 500 An internal error has occurred. Please contact your Fortify System Administrator.
    2021-11-29 10:06:25,610 10.96.145.169 /api/v1/projectVersions [ERROR] com.fortify.manager.logging.ExceptionInterceptor - Intercepted exception of type [com.fortify.manager.exception.FMInternalException] thrown by target class [com.fortify.manager.BLL.impl.core.ProjectVersionCoreBLLImpl] and method [public com.fortify.server.platform.types.ProjectVersion com.fortify.manager.BLL.impl.core.ProjectVersionCoreBLLImpl.create(com.fortify.server.platform.types.ProjectVersion)]
    com.fortify.manager.exception.FMInternalException: An internal error has occurred. Please contact your Fortify System Administrator.
    at com.fortify.manager.service.PermissionServiceImpl.getAppVersionCreatingSecEntityIdIfNeeded(PermissionServiceImpl.java:176) ~[ssc-core-21.1.2.0005.jar:?]
  • Hello Prakash,

    Tested with the following json info creating the "CREATETEST master" project version.

    {
        "name": "master",
        "description": "VER desc",
        "active": true,
        "project": {
            "name": "CREATETEST",
            "description": "APP desc",
            "issueTemplateId": "Prioritized-HighRisk-Project-Template"
        },
        "issueTemplateId": "Prioritized-HighRisk-Project-Template",
        "committed": true
    }

    Thank you,
    Richard Pinaroc
    Fortify Technical Support
    Micro Focus

  • There is a public site with SSC Server API samples.  I believe the following linked section on creating a new Application Version will help.  You will likely want to utilize the CopyState option so that all Issues and FP and other Mark-ups you have addressed in the prior Application Version N will be migrated and present for your new Application Version N+1, lessening the auditor's workload for this new Application Version N+1.

    Creating a version in SSC is a three-part process.

    1. create the bare bones resource
    2. assign attributes / users / templates
    3. commit the version (ready for use)
    4. One optional fourth step can be added if the options.copyCurrentState is set to true, to copy application state from an existing version.