DZx
DZx

Reputation: 367

Excluding Test Projects from Fortify Scan in Azure DevOps

I am submitting a Fortify scan through an ADO Pipeline, using the Fortify Static Code Analyzer Assessment plugin. The pipeline is building the solution first, then scanning it. There are several unit test projects in my solution that I would like to exclude, but none of the solutions I've seen suggested seem to work. Is it because I cannot use a relative path? These are the options I've tried in the Additional Fortify SCA build options:

-exclude "**/UnitTests/**/*"
-exclude "**/UnitTests/*"
-exclude "*/UnitTests/*.*"
-exclude "**\UnitTests\*.*"

UnitTests is the name of the project in the .Net solution. And all files to exclude are directly under a folder by that name.

Upvotes: 1

Views: 2631

Answers (2)

Space Monkey
Space Monkey

Reputation: 1041

In the Additional Fortify SCA build options section, try this:

-exclude $(Build.SourcesDirectory)\UnitTests\ -exclude $(Build.SourcesDirectory)\**\UnitTests\

Use quotes if you have spaces in your sources directory. This should ignore the UnitTests folder in the root folder (if you have one), and any within sub-folders. I have found the last \ works better than \**.

Reference: SCA Guide 20.2 page 123 - Specifying Files and Directories

Upvotes: 2

7_R3X
7_R3X

Reputation: 4370

Try this:

-exclude "<dir>/**/UnitTests/**"

It matches all directories and files found in the named directory that have UnitTests in the path, including UnitTests as a file name. Also, on Windows, you can use the backslash character () as the directory separator instead of the forward slash (/).

Upvotes: 0

Related Questions