FlexNet Code Insight 2019 R1
Organizations may be reluctant to upload their codebase into FlexNet Code Insight. Instead, they want to keep their codebase in its existing development system due to security, consistency, or other concerns. To address this requirement, FlexNet Code Insight provides scan agents that can scan a codebase wherever it resides and send the results as inventory to the Code Insight server for review and remediation by users. This process requires an inventory-only project on Code Insight server for handling the returned results, but requires no codebase upload to Code Insight.
The following is the overall process for creating an inventory-only project and performing a scan on a remote codebase:
Phase 1—Create an inventory-only project in FlexNet Code Insight. See Creating a Project.
Phase 2—Create a JWT authorization token for the user whose account will be used to connect to FlexNet Code Insight. See “Generating a JWT Authorization Token” in the FlexNet Code Insight Plugins Guide.
Phase 3—Install and configure the appropriate scan agent plugin. (For information how to install and configure the plugin, see the FlexNet Code Insight Plugins Guide.) As part of the configuration process, you will need to provide the name of the inventory-only project that you created, the URL of the FlexNet Code Insight core server, and the JWT access token.
When the plugin is invoked (for example, by a build in Jenkins) the remote codebase will be scanned, and identified inventory items will be created on the FlexNet Code Insight server. The resulting inventory can be managed in FlexNet Code Insight.
Note • In the case of an inventory-only project, the Analysis Workbench will not be available. However, all other inventory management functionality is supported.
FlexNet Code Insight 2019 R1 Help LibraryMarch 2019 |
Copyright Information | Flexera |