Cloudscan combine scan multiple build ids
I am using Fortify 17.10
By doing the scan as below, I am able to combine and scan multiple build ids.
sourceanalyzer -b mysqlibuild -b hotelbuild -scan -f results.fpr
However If I do the following with cloudscan, only mysqlibuild gets scanned:
cloudscan.bat -sscurl http://win-gyie1d8a225:8080/ssc -ssctoken xxxxxxxx-xxxx-43cf-a085-36703ae1e3c5 start -upload -versionid 10005 -uptoken xxxxxxxx-xxxx-43be-9e5f-969cdc35eff5 -b mysqlibuild -b hotelbuild -scan
How do I combine and scan multiple build ids with cloudscan?
cloudscan did not support scanning with multiple mbs. We ended up using Jenkins.
cloudscan has since added support for weighted pools but am not sure which version it will be supported from.
The approaches to scan are mentioned in https://community.softwaregrp.com/t5/Protect-Your-Assets/SCA-Various-approaches-for-including-dependency-source-code/bc-p/1497813#M1399
There will new few differences in results when scanning the project with sources as one MBS versus scanning with multiple MBS files.