...

This task runs a Kiuwan baseline analysis as part of your build definition. To make it work you first need to decide whether you are using the credentials in the Kiuwan service endpoint or overriding them with variables, as described above. Next you have to set the other analysis options. First decide the name of the application in Kiuwan you want to associate the results with. There are 3 options:

...

  • Set a new application name. With this option you can create a new application in your Kiuwan account with the name you enter here.

 

 

Analysis label

This is the label that identifies your analysis in Kiuwan. The build number is automatically appended to the label you set here.


Security analysis performance

When running security analyses only, you can improve the performance by skipping some analysis steps such as:

  • Duplication of code detection that is not relevant for security
  • Architecture analysis. If you have the architecture product available in your Kiuwan account you can skip the architecture analysis as well. The default is to skip it always.


Database code analysis

If your project includes database code such as stored procedures for Oracle, SQL Server or Informix, you have to select what kind of stored procedures they are if you want them analyzed.


Advanced analysis settings

You can as well set some advanced settings to control the analysis:

  • Encoding of the source code (use Java encoding strings, e.g. UTF-8).
  • Include patterns. Ant-like patterns that specify the directories and files you want to analyze from your source code structure.
  • Exclude patterns. Ant-like patterns that specify the directories and files you don't want to analyze from your source code structure. These are applied after the include patterns.
  • Maximum memory to allocate for the analysis. Increase it for very large analyses.
  • Analysis timeout. The default of 1 hour should be enough for most applications. Increase it for very large applications.
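To make the include-then-exclude rule concrete, here is a small Python matcher for Ant-like patterns run over a constructed file list. It is an added illustration, not Kiuwan's own matching code, and the tree and patterns are assumptions; it labels every file so you can check that an exclude pattern does not silently drop code you wanted scanned.

```python
import re
def ant_to_regex(pattern):
    """Ant-style pattern -> anchored regex. '*' and '?' never cross a '/',
    '**' spans any number of directories, and a trailing '/' means '/**'."""
    pattern = pattern.replace("\\", "/")
    if pattern.endswith("/"):
        pattern += "**"
    out, i = [], 0
    while i < len(pattern):
        if pattern.startswith("**/", i):
            out.append("(?:[^/]+/)*")  # zero or more whole directories
            i += 3
        elif pattern.startswith("**", i):
            out.append(".*")  # rest of the path, slashes included
            i += 2
        elif pattern[i] in "*?":
            out.append("[^/]*" if pattern[i] == "*" else "[^/]")
            i += 1
        else:
            out.append(re.escape(pattern[i]))
            i += 1
    return re.compile("^" + "".join(out) + "$")

def classify(paths, includes, excludes):
    """Label each path 'analyzed', 'not included' or 'excluded': include
    patterns are applied first, exclude patterns then prune that set."""
    inc = [ant_to_regex(p) for p in (includes or ["**"])]  # no includes: take all
    exc = [ant_to_regex(p) for p in excludes]
    result = {}
    for path in paths:
        norm = re.sub(r"^\./", "", path.replace("\\", "/"))
        if not any(r.match(norm) for r in inc):
            result[path] = "not included"
        elif any(r.match(norm) for r in exc):
            result[path] = "excluded"
        else:
            result[path] = "analyzed"
    return result

SAMPLE_TREE = [  # constructed sample tree, not from the page
    "src/main/java/com/acme/Login.java", "src/main/java/com/acme/DbHelper.java",
    "src/test/java/com/acme/LoginTest.java", "src/main/resources/app.properties",
    "lib/vendor/old-lib.js", "build/generated/Proto.java", "sql/procs/get_user.sql", "README.md",
]
INCLUDES = ["src/**", "sql/**"]
EXCLUDES = ["**/test/**", "**/generated/**", "**/*.properties"]

if __name__ == "__main__":  # review what the scan would silently skip
    for path, status in classify(SAMPLE_TREE, INCLUDES, EXCLUDES).items():
        print(f"{status:13} {path}")
```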


Results

After a successful run of a build definition with a Kiuwan baseline task, the results are immediately available in your Kiuwan account.

The results are automatically uploaded to your Kiuwan account in the cloud, where you can view them and browse through the security vulnerabilities and other relevant defects found in your applications.

...

To use this task you need to have the Life Cycle module in your Kiuwan account. It allows you to audit the deliveries of your application's change requests. The task runs a Kiuwan delivery analysis as part of your build definition. The results are automatically uploaded to your Kiuwan account and the defined audit is run, comparing the results with the latest existing application baseline. The OK or Not OK (OK/NOK) audit result is what the task returns, failing or not failing your build definition execution.


<img src="https://www.kiuwan.com/wp-content/uploads/2018/01/kiuwan-audit-results.png">

Kiuwan application selection

You can decide whether to fail the build step or not based on the audit result.

Like with the baseline analysis tasks, you can specify some analysis options.

The Kiuwan service connection, the Kiuwan application name, the analysis label, the security analysis performance, the database analysis and the advanced analysis settings behave exactly the same as in the baseline analysis task described and explained in the previous chapter. The delivery analysis specific options are as follows.

Analysis scope

Here you decide whether this is a complete delivery (the whole code base, including the changes) or a partial delivery (just the changes).


Fail on Kiuwan audit

If this is set, the build task will fail if the Kiuwan audit that is run automatically after the analysis fails. Uncheck this if you want to run the analysis and the audit but don't want to break the build.


Change request status

With Kiuwan change request deliveries you can tag the analysis as 'In progress', when the changes haven't been completely finished, or 'Resolved', when you consider the changes finished.


Results

Remember that the overall result of the audit is returned by the task, so you can conditionally break your build.

Once the task runs you can immediately see the results in your Kiuwan account, including all the details of the audit and the defects and vulnerabilities that need to be fixed to pass it.


By default, we use the project name as the name of the application in Kiuwan the results are uploaded to. However, you can override this behavior in a task, picking the application from a list of the existing applications in your Kiuwan account (bear in mind that the application list in the combo depends on the permissions of the Kiuwan user defined in the Kiuwan connection), or entering a new application name.