Welcome Serena Central users! CLICK HERE
The migration of the Serena Central community is currently underway. Be sure to read THIS MESSAGE to get your new login set up to access your account.
Respected Contributor.. Amrityam_Rout Respected Contributor..
Respected Contributor..
327 views

Incremental scan in Fortify SCA docker image

Any one running incremental scan inside Fortify SCA docker?

Any help or ideas would be much appreciated.

 

 

Labels (1)
0 Likes
4 Replies
Trusted Contributor.. raspy Trusted Contributor..
Trusted Contributor..

Re: Incremental scan in Fortify SCA docker image

I would store base FPR within a volume or externally (on the host). Then when I would want to do the incremental scan, I would mount the volume to the SCA container to use as base. Details depend on how actually you build and use your Docker image.

0 Likes
Respected Contributor.. Amrityam_Rout Respected Contributor..
Respected Contributor..

Re: Incremental scan in Fortify SCA docker image

As per fortify SCA documentation, the previous build ID of base scan would be required during incremental scan.Since in docker image fortify is getting installed each time at container start up, I am wondering how to keep a track of the build ID.

0 Likes
Trusted Contributor.. raspy Trusted Contributor..
Trusted Contributor..

Re: Incremental scan in Fortify SCA docker image

Build ID is something that you set up explicitly with -b parameter. You can reuse the same ID with another scan. If you need to store data from a previous scan, I would again use a volume to mount as fortify.home, so that it survives container death.

0 Likes
Respected Contributor.. Amrityam_Rout Respected Contributor..
Respected Contributor..

Re: Incremental scan in Fortify SCA docker image

Yes I can understand..So I need to find out which specific data for a scan I need to store in the disk.

If any one has previously done that, it would be great if you can share.

😊 

0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.