Configuring the Plug-in

Configure the plug-in when you add it to your pipeline.

After you add the Polaris Software Integrity Platform (Polaris) plug-in to your pipeline, configure it as follows.

  1. Type a name in the Display name field.

    Add Pipeline task
  2. Click + New to add a new Polaris Software Integrity Platform Service Endpoint.
  3. Complete the Polaris server details.
    1. Enter a URL for your Polaris server in the Server URL field.
    2. Paste the Polaris API token in the API token field.
      Refer to Polaris documentation for help with creating an access token.
    3. Type a name in the Service connection name field.
    4. Optional: Add a description.
    5. To enable other pipelines to use this service connection, leave the Grant access permission to all pipelines checkbox selected.

    Polaris Service Connection
  4. To add a Polaris Software Integrity Platform Proxy Service Endpoint, click + New.
    1. Type a name for the proxy connection in the Service connection name field.
    2. Type the proxy Server URL.
    3. Optional: Enter the username and password used to access the proxy.
    4. Type a name for the proxy connection in the Service connection name field.
    5. Optional: Add a description.
    6. To enable other pipelines to use this service connection, leave the Grant access permission to all pipelines checkbox selected.

    Polaris proxy details
  5. Use the Polaris Software Integrity Platform Command field to enter the analyze -w command. Leave the Check for issues checkbox selected so that the issue count is returned and the build passes or fails accordingly. You can also add other Coverity commands.
    Note: Using the -w flag ensures that the Polaris CLI waits and uses the JSON file generated by Polaris to check for issues. If you don't use the -w option and you leave the Check for issues checkbox selected, the plug-in polls and waits for the job to finish so that there is an issue count to determine whether the build passes or fails.

    Example of a job where the Check for issues checkbox is not selected and the build passes with issues.


    Build passes with issues example
  6. To enable Incremental analysis (LCA), do the following:
    1. Select the Populate SCM changeset in file at $CHANGE_SET_FILE_PATH for incremental analysis checkbox.
    2. Select the Succeed or Fail option from the drop-down menu for the outcome: When static analysis is skipped because the changeset contained no files to analyze.

      Succeed or Fail option
    3. Add the analyze -w --incremental $CHANGE_SET_FILE_PATH command.
    4. For the plug-in to access build information, you must enable the Allow scripts to access the OAuth token checkbox when you select the Agent Job.

      Scripts access to OAuth token

      By default, the Polaris Software Integrity Platform CLI installs local analysis tools, which are over 3 GB.

      Synopsys Recommendations
      • Install the analysis tools before running the Polaris CLI and specify the tools location in your polaris.yml file.
      • When you install the analysis tools, ensure that you are installing them in the same POLARIS_HOME that the agent uses.
      Note: If the CLI does attempt to install the analysis tools, it might take a long time and you will need to increase the default pipeline timeout.
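
The Succeed or Fail choice in step 6 decides whether an empty changeset lets the build pass with no analysis run (fail-open) or stops it (fail-closed). The following shell sketch is an added example, not the plug-in's own code, and models that decision. It assumes the changeset file is a plain list of changed paths, one per line; the function names and the result strings are hypothetical.

```shell
#!/bin/sh
# Added illustration of the incremental-analysis gate from step 6.
# Assumption: the changeset file lists changed paths, one per line.
# Function names and result strings are hypothetical, not plug-in identifiers.

# count_changed FILE
# Prints the number of non-blank lines in FILE; prints 0 if FILE is missing.
count_changed() {
    [ -f "$1" ] || { echo 0; return 0; }
    # grep -c exits 1 when the count is 0, so neutralise that exit status.
    grep -c '[^[:space:]]' "$1" || true
}

# decide_incremental FILE POLICY
# POLICY mirrors the drop-down choice: "Succeed" or "Fail".
# Prints one of:
#   analyze    changeset has files, run the incremental analysis
#   skip-pass  empty changeset, build passes without analysis (fail-open)
#   skip-fail  empty changeset, build fails (fail-closed)
decide_incremental() {
    file=$1
    policy=$2
    n=$(count_changed "$file")
    if [ "$n" -gt 0 ]; then
        echo analyze
    elif [ "$policy" = "Succeed" ]; then
        echo skip-pass
    else
        # Any value other than "Succeed" is treated as fail-closed.
        echo skip-fail
    fi
}

# Constructed demo: an empty changeset under each policy.
demo_dir=$(mktemp -d)
: > "$demo_dir/changeset.txt"
echo "Succeed policy: $(decide_incremental "$demo_dir/changeset.txt" Succeed)"
echo "Fail policy:    $(decide_incremental "$demo_dir/changeset.txt" Fail)"
rm -rf "$demo_dir"
```

With the Succeed policy, a missing or empty changeset file yields a passing build that ran no static analysis, so review skipped runs separately from clean ones.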