CICD Integration - Using Maven

Before scanning applications using Falcon Scan, make sure you have:

Adding Repositories

  1. The binaries required to scan the projects are available in the IZ Maven Central repository. Include the following repositories and plugin repositories in settings.xml:

<repositories>
    <repository>
        <id>iz-maven-repo</id>
        <name>IZ Maven Repo</name>
        <url>https://iz-public-m2.s3.eu-west-2.amazonaws.com/releases</url>
    </repository>
</repositories>
<pluginRepositories>
    <pluginRepository>
        <id>iz-maven-plugin-repo</id>
        <url>https://iz-public-m2.s3.eu-west-2.amazonaws.com/releases</url>
    </pluginRepository>
</pluginRepositories>

CICD Integration

  1. Go to the project root directory from command line/terminal

  2. Run the mvn com.integralzone.falcon:falcon-scan-cli:scan command with the following options:

    1. -DserviceHost=xxx
      Falcon Scan service URL

    2. -DauthToken=xxx
      Security token generated from the server

    3. -DapplicationKey=x.x
      Unique id of the application / project being scanned

    4. -DapplicationName=.
      Name of the application being scanned

    5. -Dsource=xxx
      Optional. Location of the project source directory. If omitted, the current directory is used as the project source directory

    6. -DscmBranchName=xxx
      Optional. SCM branch for which the code is being analyzed. If omitted, the default value is `master`

    7. -DpullRequestId=xxx
      Optional. SCM pull request name for which the code is being analyzed

    8. -Dorganization=xxx
      Optional. Organization under which the project should be categorized. If omitted, the default organization is used. The value can be any of the organization's Name / Id / Ext Id

Please refer to the section below for instructions on how to retrieve the organization ID.

  3. A complete example may look like:

      PROJECT_ROOT_DIR> mvn com.integralzone.falcon:falcon-scan-cli:scan
      -DserviceHost=${FALCON_HOST}
      -DauthToken=${FALCON_TOKEN}
      -DapplicationKey=orders-sapi
      -Dsource=.
      -DapplicationName="Orders SAPI"
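
The invocation above, wrapped for a CI pipeline, as an added example that is not part of the Falcon Scan documentation. It assumes the pipeline sets the variables FALCON_HOST, FALCON_TOKEN, APP_KEY, APP_NAME and optionally SCAN_SOURCE, BRANCH, PR_ID and ORG (these names are the example's own, not Falcon's); the token is passed as a -D option, so it is visible on the command line, and the wrapper therefore masks it before logging the arguments.

```shell
#!/bin/sh
# Added example, not part of the Falcon Scan documentation. The variable names
# FALCON_HOST, FALCON_TOKEN, APP_KEY, APP_NAME, SCAN_SOURCE, BRANCH, PR_ID and
# ORG are assumed to be set by the pipeline (the token as a masked CI secret).

# Emit one -D option per line; fail before running anything if a required
# value is missing, so a misconfigured job never sends a half-built request.
falcon_scan_args() {
    for v in FALCON_HOST FALCON_TOKEN APP_KEY APP_NAME; do
        eval "val=\${$v:-}"
        if [ -z "$val" ]; then
            echo "falcon_scan_args: $v is not set" >&2
            return 1
        fi
    done
    printf '%s\n' "-DserviceHost=$FALCON_HOST" \
                  "-DauthToken=$FALCON_TOKEN" \
                  "-DapplicationKey=$APP_KEY" \
                  "-DapplicationName=$APP_NAME" \
                  "-Dsource=${SCAN_SOURCE:-.}" \
                  "-DscmBranchName=${BRANCH:-master}"   # documented default: master
    [ -n "${PR_ID:-}" ] && printf '%s\n' "-DpullRequestId=$PR_ID"
    [ -n "${ORG:-}" ] && printf '%s\n' "-Dorganization=$ORG"
    return 0
}

# Same list with the auth token masked, safe to echo into a CI log.
falcon_scan_args_redacted() {
    falcon_scan_args | sed 's/^-DauthToken=.*/-DauthToken=***/'
}

# Build the argument vector (values such as the application name may contain
# spaces, so split on newlines only) and run the scan from the project root.
run_falcon_scan() {
    args=$(falcon_scan_args) || return 1
    echo "Running Falcon Scan with:"; falcon_scan_args_redacted
    set -f; old_ifs=$IFS; IFS='
'
    set -- $args
    IFS=$old_ifs; set +f
    mvn com.integralzone.falcon:falcon-scan-cli:scan "$@"
}
```

Call run_falcon_scan from the pipeline step that runs in the project root directory.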

Retrieve Organization ID

  1. Navigate to the main menu and open Organizations

  2. In the displayed list of organizations, each one has an associated Id, as shown below.

     [Screenshot: organization ids]

  3. Use the Organization ID when performing the CICD scan with the -Dorganization parameter.

    For example: -Dorganization=cm0oy5hht00efv640wm935np9

Setting Proxy Details

If the system from which the projects are analyzed is configured with a proxy, then set the following arguments with the proxy server details:

  1. Windows

      -Dhttps.proxyHost=PROXY_HOST -Dhttps.proxyPort=PROXY_PORT -Dhttp.proxyHost=PROXY_HOST -Dhttp.proxyPort=PROXY_PORT -Djava.net.useSystemProxies=true
  • Replace PROXY_HOST and PROXY_PORT with the appropriate values for the proxy server host and port

  • If https.proxyPort is not specified, the default value is 443

  • If http.proxyPort is not specified, the default value is 80