Configuring the Plug-in

Configure the plug-in when you add it to your pipeline.

When you've added the Coverity on Polaris plug-in you can configure the plug-in.

  1. Type a name in the Display name field.
    Add Pipeline task
  2. Click + New to add a new Coverity on Polaris Service Endpoint. If you have existing connections, click Manage to use them.
  3. Complete the Coverity on Polaris server details.
    1. Enter a URL for your Coverity on Polaris server in the Server URL field.
    2. Paste the Coverity on Polaris API token in the API token field.
      Refer to Coverity on Polaris documentation for help with creating an access token.
    3. Type a name in the Service connection name field.
    4. Optional: Add a description.
    5. To enable other pipelines to use this service connection, leave the Grant access permission to all pipelines checkbox selected.
    Coverity on Polaris Service Connection
  4. To add a Coverity on Polaris Proxy Service Endpoint, click + New.
    1. Type a name for the proxy connection in the Service connection name field.
    2. Type the proxy Server URL.
    3. Optional: Enter the username and password used to access the proxy.
    4. Type a name for the proxy connection in the Service connection name field.
    5. Optional: Add a description.
    6. To enable other pipelines to use this service connection, leave the Grant access permission to all pipelines checkbox selected.
    Coverity on Polaris proxy details
  5. Use the Coverity on Polaris Command field to enter the analyze -w command. Leave the Check for issues checkbox selected so that the issue count is returned and the build is passed or failed. You can also add other Coverity commands.
    Note: Using the -w flag ensures that the Coverity on Polaris CLI will wait and use the JSON file generated by Coverity on Polaris to check for issues. If you don't use the -w option and you leave Check for issues checkbox selected, the plug-in polls and waits for the job to finish so that there is an issue count to determine whether the build passes or fails.

    Example of a job where Check for issues checkbox is not selected and build passes with issues.

    Build passes with issues example
  6. To enable Incremental analysis (LCA), do the following:
    1. Select the Populate SCM changeset in file at $CHANGE_SET_FILE_PATH for incremental analysis checkbox.
    2. Select the Succeed or Fail option from the drop-down menu for the outcome: When static analysis is skipped because the changeset contained no files to analyze
      Succeed or Fail option
    3. Add the analyze -w --incremental $CHANGE_SET_FILE_PATH command.
    4. For the plug-in to access builds information, you must enable the Allow scripts to access the OAuth token checkbox when you select the Agent Job.
      Scripts access to OAuth token

      By default, the Coverity on Polaris CLI installs local analysis tools, which are over 3 GB.

      Synopsys Recommendations
      • Install the analysis tools before running the Coverity on Polaris CLI and specify the tools location in your polaris.yml file.
      • When you install the analysis tools, ensure that you are installing them in the same POLARIS_HOME that the agent uses.
      Note: If the CLI does attempt to install the analysis tools, it might take a long time and you will need to increase the default pipeline timeout.