Git Product home page Git Product logo

Comments (3)

regicsolutions avatar regicsolutions commented on September 18, 2024

This is for Bitbucket Cloud/Bitbucket Pipelines. I was looking for either direct Bitbucket Server support for Code Insights where I can post a report and its results as documented here: https://developer.atlassian.com/server/bitbucket/how-tos/code-insights/ having Jenkins post the report back to the Bitbucket Server pull request would also work, are there any samples for Jenkins?

from fortifyvulnerabilityexporter.

rsenden avatar rsenden commented on September 18, 2024

This is for Bitbucket Cloud/Bitbucket Pipelines. I was looking for either direct Bitbucket Server support for Code Insights where I can post a report and its results as documented here: https://developer.atlassian.com/server/bitbucket/how-tos/code-insights/ having Jenkins post the report back to the Bitbucket Server pull request would also work, are there any samples for Jenkins?

I currently don't have any plans for adding support for Bitbucket Server due to other priorities and because BitBucket Server seems to be End of Life according to https://www.atlassian.com/software/bitbucket/enterprise. However, you can try creating a custom FortifyVulnerabilityExporter configuration file for generating Bitbucket Server Code Insights reports; if necessary Fortify Professional Services may be able to assist with this.

Documentation for generating arbitrary JSON content using FortifyVulnerabilityExporter is available here: https://github.com/fortify/FortifyVulnerabilityExporter#json-export. Since Bitbucket Server Code Insights reports seem to be quite similar to Bitbucket Cloud Code Insights reports, you can use the existing Bitbucket Cloud configuration files as a starting point:

You would basically create a new YAML file that combines the contents of both configuration files listed above for either FoD or SSC, and then adjust the output format to match the required Bitbucket Server Code Insights JSON report and annotation format. You can then use curl commands to upload the report and annotations to BitBucket Server, similar to how this is done for Bitbucket Cloud: https://bitbucket.org/fortifysoftware/bb-sample-eightball/src/b89962305fe55c291bc378c451491e140ee832a6/bitbucket-pipelines-cmds.yml#lines-15

from fortifyvulnerabilityexporter.

rsenden avatar rsenden commented on September 18, 2024

BitBucket documentation has been added in latest commits

from fortifyvulnerabilityexporter.

Related Issues (20)

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.