Table of Contents

Sample Synopsys Detect invocations

This section shows examples of parameters that you pass to Synopsys Detect based on the type of scanning you want.

Coverity on Polaris and Black Duck

bash detect.sh --detect.polaris.enable=true --detect.tools=ALL --polaris.access.token=$POLARIS_TOKEN --polaris.url=$POLARIS_URL --blackduck.url=$BLACKDUCK_URL --blackduck.api.token=$BLACKDUCK_TOKEN --blackduck.trust.cert=true --detect.project.name=$PROJECT_NAME --detect.project.version.name=$CODEBUILD_BUILD_ID

Coverity on Polaris only

bash detect.sh --detect.polaris.enable=true --detect.tools=POLARIS --polaris.access.token=$POLARIS_TOKEN --polaris.url=$POLARIS_URL

Black Duck only

bash detect.sh --blackduck.url=$BLACKDUCK_URL --blackduck.api.token=$BLACKDUCK_TOKEN --blackduck.trust.cert=true --detect.project.name=$PROJECT_NAME  --detect.project.version.name=$CODEBUILD_BUILD_ID

Note: If you want to run Coverity and chose not to create a Polaris YAML file as described in the Before You Begin section (above), add the following argument to supply your clean and build commands to Synopsys Detect.

--polaris.arguments=“--\ mvn\ -DskipTests\ clean\ install”

 Click here to view a complete list of Synopsys Detect parameters.

Sample buildspec.yml

This section shows examples of how the invocation-parameter syntax is used in a buildspec.yml file.

Coverity on Polaris and Black Duck

version: 0.2

env:
  variables:
    PROJECT_NAME: "CodeBuild-Synopsys-Detect"
  parameter-store:
    BLACKDUCK_URL: "Detect-Blackduck-URL"
    BLACKDUCK_TOKEN: "Detect-Blackduck-Token"
    POLARIS_URL: "Detect-Polaris-URL"
    POLARIS_TOKEN: "Detect-Polaris-Token"

phases:
  install:
    commands:
      - curl -LOk https://detect.synopsys.com/detect.sh
      - chmod +x ./detect.sh
  build:
    commands:
      - bash detect.sh --blackduck.url=$BLACKDUCK_URL --blackduck.api.token=$BLACKDUCK_TOKEN --blackduck.trust.cert=true --detect.project.name=$PROJECT_NAME --detect.detector.search.depth=99 --detect.project.version.name=$CODEBUILD_BUILD_ID --detect.polaris.enable=true --detect.tools=ALL --polaris.access.token=$POLARIS_TOKEN --polaris.url=$POLARIS_URL

artifacts:
  discard-paths: yes

Coverity on Polaris only

version: 0.2

env:
  parameter-store:
    POLARIS_URL: "Detect-Polaris-URL"
    POLARIS_TOKEN: "Detect-Polaris-Token"

phases:
  install:
    commands:
      - curl -LOk https://detect.synopsys.com/detect.sh
      - chmod +x ./detect.sh
  build:
    commands:
      - bash detect.sh --detect.polaris.enable=true --detect.tools=POLARIS --polaris.access.token=$POLARIS_TOKEN --polaris.url=$POLARIS_URL

artifacts:
  discard-paths: yes

Black Duck only

version: 0.2

env:
  variables:
    PROJECT_NAME: "CodeBuild-Synopsys-Detect"
  parameter-store:
    BLACKDUCK_URL: "Detect-Blackduck-URL"
    BLACKDUCK_TOKEN: "Detect-Blackduck-Token"

phases:
  install:
    commands:
      - curl -LOk https://detect.synopsys.com/detect.sh
      - chmod +x ./detect.sh
  build:
    commands:
      - mvn clean package
  post_build:
    commands:
      - bash detect.sh --blackduck.url=$BLACKDUCK_URL --blackduck.api.token=$BLACKDUCK_TOKEN --blackduck.trust.cert=true --detect.project.name=$PROJECT_NAME --detect.project.version.name=$CODEBUILD_BUILD_ID
 
artifacts:
  discard-paths: yes