I'm running the Fortify BIRT Report Generator from the command line, and trying to limit the generated report to only "critical" and "high" issues. The actual command line is below.
birtreportgenerator -template "Developer Workbook" -format PDF
-output "output.pdf" -source "input.fpr"
-searchQuery "[fortify priority order]:critical OR [fortify priority order]:high"
But I'm getting the following Exception:
Error parsing search string, Unknown Modifier: fortify priority order
com.fortify.exceptions.FortifyException: Error parsing search string, Unknown Modifier: fortify priority order
The Fortify SCA User Guide only says the option syntax is:
-searchQuery <query>
But it never bothers to specify what form <query> is supposed to take.
In the Audit Workbench's BIRT report generation function, I can specify a filter by going to Issue Filter Settings > Filter > Advanced and selecting priority orders of critical or high. When I do that, the filter field is populated with:
[fortify priority order]:critical OR [fortify priority order]:high
and the generated report is correctly limited to only critical and high defects.
So, why the query syntax that works in Audit Workbench's report generator fails in the command line report generator, I have no idea. The Fortify Audit Workbench User Guide specifically lists [fortify priority order] as a valid search modifier, for what that's worth.
I've tried every variation of the syntax I could think of, and nothing seems to work.
Related
I am using Jmeter and Ant for one of my project, when we generate report it shows URL, #Samples, Failures, Success Rate, Average Time, Min Time, Max Time in report.
I want to include 90% time line in the report as well.
right now i am using jmeter-results-detail-report_21.xsl, is there any other pre build xsl file that can give me 90% time line in same report???
build.xml code is given below:
There is a custom tool that was designed to be used in scripting/automation: JMeterPluginsCMD.
You can use it to generate aggregate report after the test finishes, using Exec ant task with proper params.
Read this for details: http://jmeter-plugins.org/wiki/JMeterPluginsCMD/
When an exception occurs in the execution of a task, for instance a lookup task fails to find a match, I want to report that exception and the value it was looking for in the Execution Report. How do I do that? Is there a more appropriate way to do that in SSIS?
Without actually doing the work, I think you should use the No Match output, What´s the difference between Error output and "No match Output" in Lookup transformation SSIS , to pass the rows to a Script Task to log a warning, http://msdn.microsoft.com/en-us/library/ms136054.aspx , and you should be able to see the list of warnings in the Execution Report, http://www.rad.pasfu.com/index.php?/archives/78-SSIS-Catalog-Part-5-Logging-and-Execution-Reports.html .
I have a very simple report constructed using Report Builder 2.0 talking to analysis services for TFS 2010. The report shows the number of active bugs logged against a particular Team Project, sorted by priority.
I have several team projects, and I don't want to duplicate the same report for each one. Instead, I would like to pass in the team project as a parameter in the URL. A search of the web shows good guidance from John Socha-Leialoha on how to do this (finding the MDX parameter and constructing the query).
I have set a default on the report to point to a particular team project and the report presents the expected information, when I add a parameter to the URL the report fails to run, and displays the following message: 'Value cannot be null. Parameter name: main'
The following URL displays the report correctly with the default team project:
/sites/tfsserver/_layouts/TfsRedirect.aspx?tf:Type=Report&tf:ReportName=Bug+Information/ActiveBugsByPriorityBarChart
I've also tried appending the parameter, as follows:
/sites/tfsserver/_layouts/TfsRedirect.aspx?tf:Type=Report&tf:ReportName=Bug+Information/ActiveBugsByPriorityBarChart&tf:Parameters=TeamProjectTeamProjectHierarchy=[Team Project].[Team Project Hierarchy].&[{E207FAFF-CA70-41A2-8A62-B881C9C9F8F1}]
This, also, generates the message: 'Value cannot be null. Parameter name: main'
This led me to the realization that I needed to escape the & symbol, as follows:
/sites/tfsserver/_layouts/TfsRedirect.aspx?tf:Type=Report&tf:ReportName=Bug+Information/ActiveBugsByPriorityBarChart&tf:Parameters=TeamProjectTeamProjectHierarchy=[Team Project].[Team Project Hierarchy].&26[{E207FAFF-CA70-41A2-8A62-B881C9C9F8F1}]
However, the report still fails to run, and displays the same error message.
Since it is not referenced in Socha's example, I have also tried running the report while omitting the &tf: parameters tag, as follows:
/sites/tfsserver/_layouts/TfsRedirect.aspx?tf:Type=Report&tf:ReportName=Bug+Information/ActiveBugsByPriorityBarChart&TeamProjectTeamProjectHierarchy=[Team Project].[Team Project Hierarchy].&26[{E207FAFF-CA70-41A2-8A62-B881C9C9F8F1}]
This doesn't seem to work either. At this point, I'm happy for any advice/guidance I can get.
Maybe this blog post helps you: http://ewaldhofman.nl/post/2009/06/02/Add-SSRS-report-as-dashboard-to-sharepoint.aspx
How can I cause a build to fail when code coverage is below a certain threshold?
The main issue is that the code coverage results file that MSTest produces is in a binary format. However, assuming that things haven't changed too much in VS2010, you should be able to use this utility to convert it into an XML file:
http://codeexperiment.com/file.axd?file=2008%2f9%2fCodeCoverageConverter.zip
NOTE: You'll probably need to recompile it against the VS2010 version of 'Microsoft.VisualStudio.Coverage.Analysis.dll.
You can then use your preferred method of parsing that XML file, doing the maths for each of the instrumented assemblies to calculate an overall coverage ratio. The XPaths you're interested in (at least for VS2008) are:
/CoverageDSPriv/Module/LinesCovered
/CoverageDSPriv/Module/LinesNotCovered
If you want to do that last step in pure MSBuild, then the 'XmlRead' and 'Math' tasks contained within the MSBuild Community Tasks library should be sufficient:
http://msbuildtasks.tigris.org/
Once you have the overall ratio in an MSBuild property, you then simply use a conditional task to break the build if that number is lower than your desired threshold.
<Error Condition=" $(CodeCoverageRatio) < $(MinCodeCoverage) "
Text="Code Coverage is below required threshold." />
There is very likely a way to do this with a build task (particularly if you are willing to roll your own). Hopefully someone will post some sample code for you.
If not, I have been impressed with NDepend for this type of task. You can write in a very self-explanatory, SQL-like syntax to determine all sorts of metrics about your code and warn or fail a build based on thresholds.
Examples:
WARN IF Count > 0 IN SELECT METHODS WHERE CodeWasChanged AND PercentageCoverage < 95
WARN IF Count > 0 IN SELECT METHODS WHERE IsPublic AND IsInOlderBuild AND WasRemoved
Ancient question, but not marked as answered. Take a look at this
While getting scource code analyzed by fortify source code analyzer if I want to skip selected catagory say "Poor Error Handling : Empty Catch Block" - is there any way to do that? In case of checkstyle report generator there is a way to skip selected error being reported. I would like to have that flexibility in case of fortify source code analyzer.
First, open results containing "Poor Error Handling: Empty Catch Block" in Fortify Audit Workbench. Then, find an Empty Catch Block finding, right click it and select "Create Filter..."
In the filter dialog, select the condition "Category matches Poor Error Handling: Empty Catch Block", and then in the Action section below, select "Hide". Save the filter.
The first thing you'll find is all the Empty Catch Block findings have disappeared. The filter is simply stored in the FPR at this stage.
To publish this filter as a matter of policy, choose Tools->Project Configuration and export your project template. Save the file in the installation directory in Core/config/filters/ as specified in the readme file there. If you do this on all your computers that produce scans, all your FPRs will share the same filter.
If you have a central Fortify 360 Server, you can import this project template into the server instead. It will automatically be applied to any upload to a project of that template.