Determining Materials to Scan
FlexNet Code Insight 2020 R2
In preparing a project for scanning, you must identify which materials to scan and configure the project to point to these materials. The way in which you do this will largely depend on the type of scan you are performing:
|
•
|
Standard scan where the codebase is stored on the Scan Server. With a standard scan, you can manually move the code to the Scan Server, upload the code through Code Insight, or synchronize with a codebase in your source code management (SCM) system, such as Git or Perforce. This type of scan requires a project configured as Standard. See these locations for instructions: |
|
•
|
Remote scan where a FlexNet Code Insight scan agent plugin is installed and configured on a remote instance to perform a scan within the context of an Engineering application on that instance (for example, an IDE, source-management, artifact-repository, CI, build, testing, or installation application). The plugin allows a scan of source files or built artifacts and sends the results to Code Insight as inventory for review and remediation. This type of scan requires a project configured as Inventory Only to receive the scan results.See the following for more information: |
|
•
|
FlexNet Code Insight Plugins Guide (available for download in the Flexera Customer Community) |
In both standard and remote scan scenarios, the results are processed by FlexNet Code Insight, which creates inventory, detects licenses and security vulnerabilities, applies policies for automated review, and creates review and remediation tasks per configuration.