cancel
Showing results for 
Search instead for 
Did you mean: 
Highlighted
lpopescu
Occasional contributor

FNCI (2018 – 2019.R1) “Upload Project Codebase” and “Version Control Instances” do not coexist?

“Upload Project Codebase” and “Version Control Instances” do not coexist under the same “numbered” Directory Structure.

When using “Version Control Instances” to automatically download GitHub sources, if you have other codebase stored under the project’s scan path, it will get removed every time you sync/update the Version Control Instances.


Example:
Project ID #22
Scan Path: /sources/22

  1. I use “Upload Project Codebase” to place sources and artifacts into my scan directory: "/sources/22".
  2. I’ve also setup the "Version Control Instances" for GitHub to automatically download latest codebase from our internal repo into the same project.

Once I start the scan, all my code and artifacts in /sources/22 is removed including the codebase I uploaded with “Upload Project Codebase”, and then my codebase directory content is automatically refreshed with latest GitHub sources placed under: /sources/22/git.0, git.1, git2 ...

Workaround:

For FNCI 2018:

  1. I created a separate directory structure "/sources/project-22" where I can manually upload my project codebases.
  2. Setup “Version Control Instances” for GitHub to automatically download the latest codebase (under the Project’s numbered path)
  3. "Edit Project" --> "Scan Settings" make sure you add the "/sources/project-22" to the scan path of your project in addition to your “numbered” folder path(/sources/22).
  4. Start your scan.

 

For FNCI 2019.R1:

FNCI 2019.R1 by default restricts what you can see under your directory structure to only the “numbered scan-path”. (See FNCI-RN-2019R1.pdf, page 9 “Restricted Access to Scan Server Filesystem”)

The workaround I had for 2018 no longer worked.  The new workaround for 2019.R1 is as follows:

  1. Open Ticket with Flexera Customer support and request access to "Restricted Access to Scan Server Filesystem" as per FNCI-2019R1 Release Notes.pdf) on page 9.
  2. Setup “Version Control Instances” for GitHub to automatically download the latest codebase (under the Project’s numbered path)
  3. Create a new directory structure "/sources/project-22" <-- you will need to manually extract the codebase.zip file in this directory structure. (If you use FNCI's "Upload Project Codebase" feature, it will upload the extracted zip file into the project's main numbered folder). That folder gets removed by the FNCI GitHub syncing every time you start a scan.)
  4. In FNCI 2019.R1 "Edit Project" --> "Scan Settings" make sure you add the "/sources/project-22" to the scan path of your project in addition to your main folder path("/sources/22").
  5. Start your scan.

Hope this will save you some time or let me know if there is a better workaround.

LP

1 Reply
Flexera jwilliams
Flexera

Re: FNCI (2018 – 2019.R1) “Upload Project Codebase” and “Version Control Instances” do not coexist?

Hi @lpopescu,

You are correct that the access to the scan server has been restricted in the 2019 R1 release. The steps to reverse this change are included below:

This setting is controlled by the show.full.scan.server.file.system.tree value in the PAS_GLOBAL_PROPERTIES database table. The current value of this variable can be determined using the following query:

SELECT * FROM PAS_GLOABL_PROPERTIES;

This value should be set to false. If this is set to false use the following query to update this to true:

update PAS_GLOBAL_PROPERTIES set VALUE_='true' where KEY_='show.full.scan.server.file.system.tree';

Once this has been set, restart tomcat to ensure the new settings have been read.

These changes will allow unrestricted access to the scan server as seen in the 2018 R4 and earlier releases.

Kind Regards,

Jon