如何使用gradle运行HP强化扫描或在Jenkins上运行Gradle构建

时间:2015-04-06 14:13:12

标签: jenkins gradle fortify sca fortify-source

我使用以下代码使用Gradle运行fortify,但是此代码需要时间来生成报告,我不确定如何优化此脚本以更快地运行,如果有人可以帮助我优化它会很棒这个脚本

// Add a new configuration
    configurations {
        fortify { extendsFrom compile }
    }

    // pull in the fortify libs for the new configuration
    dependencies {
        fortify fileTree(dir: 'C:/Program Files/Fortify Software/HP Fortify v3.20/Core/lib', include: '*.jar')
    }

    task fortifyReport(dependsOn: compileJava) << {
        ant.properties['build.compiler']='com.fortify.dev.ant.SCACompiler'
        ant.typedef(name: 'sca', classname: 'com.fortify.dev.ant.SourceanalyzerTask',
        classpath: configurations.fortify.asPath)

        ant.sca(jdk:"1.6",
        maxHeap:'4096M' ,
        use64bit:true ,
        debug:true ,
        verbose:true ,
        failonerror:true ,
        scan:true ,
        logFile:file("$buildDir/fortify/Fortify.log"),
        resultsFile:file("$buildDir/fortify/abc.fpr")
        ){
           fileset(dir:'com/abc/xyz') {
              include(name:'**/*.java')}
        }
    }

0 个答案:

没有答案