In this section

Introduction

The Parasoft Flow Analysis Importer extension sends JSON-formatted analysis results to Parasoft (DTP). The results can be processed and viewed along with other data points from your SDLC processes and tools. The integration also adds scope, authorship, and source control support that further enhance the imported results. Additionally, it allows the generation of a Parasoft Report that shows violations for each author and each severity.

This integration gives a development organization the ability to aggregate the results of all testing efforts across a variety of technologies, or even compare and contrast results from different analysis tools in one centralized location—increasing productivity and efficiency.

Requirements

• Flow analysis results captured in a JSON text file with the expected format (see Expected JSON Format).
  
• Parasoft Analyzer package must be installed.
• Oracle Java Runtime 1.8.0 or higher (required to run Parasoft Analyzer package).

Installation

1. Unzip Flow Analysis Importer into the directory where the Parasoft Analyzer package was installed. See the Parasoft Analyzer package documentation.
2. Create a plain text settings file with the required settings (see Configuration). We recommend using the provided flow-analysis-importer-settings.properties file as an example of a complete settings file. The file is located in the examples/FlowAnalysisImporter/ directory. A full list of general settings properties can be found in the documentation provided with the Parasoft Analyzer package.

Usage

1. Open a command prompt and navigate to the Parasoft Analyzer package installation root directory.
2. Execute the parasofttestcli.bat or parasofttestcli.sh script using the required parameters, e.g., (all one line): 

parasofttestcli.sh -Dsettings="C:\sample\flow-analysis-settings.properties" -Ddata.dir="C:\sample\sampleProjectFolder" -Dresults.file="c:\sample\results.json"  

Required Parameters

The following settings are required.

-Dsettings

Path to the settings configuration file (see Configuration). 

Windows example: -Dsettings="C:\path\to\file\settings.properties"

Unix example: -Dsettings="/path/to/file/settings.properties"

-Ddata.dir

Specifies the path to the source code of the project that was analyzed. This is used to collect source control metadata (e.g., authorship, last updated, etc.) for DTP reporting and processing.

-Dresults.file

The path to the JSON results file. The file may be an absolute path or relative to the directory specified by -Ddata.dir.

Optional Parameters

The following parameter is not required.

-Dparasoft.local.storage.dir

Specifies where log files are generated. The recommended location is ${project.base.dir}/.parasoftanalyzer. For example:

-Dparasoft.local.storage.dir=.parasoftanalyzer

Configuration

See the Parasoft Analyzer package documentation for a complete list of configurations.

Required Settings

The following settings are required to run the Flow Analysis Importer extension.

analyzer.flowanalysisimporter.enabled   

Enables the importer. Values are true or false.

Example:

analyzer.flowanalysisimporter.enabled=true

Expected JSON Format

Sample JSON files are provided in the downloaded artifact (see the examples/FlowAnalysisImporter/ directory). A JSON Schema file is also available (see examples/FlowAnalysisImporter/flow-analysis-report.schema.json).

In general, JSON results files should be structured as follows:

Top Level

• totalViolation: The total number of violations referenced in this report.
• tool: Information about the third-party tool that has performed the flow analysis.
• violations: An array of the violations (defined under #/definitions/violation). This should contain information about each violation, including trace elements (i.e., the call stack list).
• rules: An array of the rules that used for this report.

Trace Type Definition

The type under the trace object describes the status of the line. It normally has one or two types to represent the state. Available type indicators are:

• . (period) indicates that line has been covered and reviewed.
• E indicates an "exception" on the line.
• ! (exclamation point) indicates an "alert" or "attention needed" mark on the line. These marks may indicate, for example, the point where an exception was thrown. 
• P indicates where the problem occurred.
• C indicates the line that caused the issue/violation.

For example, the state of each traced line can be represented by the following combinations of type indicators:

• . indicates that the analyzer checked this line and did not find any issues or problems. 
• .P indicates that the analyzer checked this line and found that a problem occurred at this line.
• .C indicates that the analyzer checked this line and determined that this line triggered a problem.
• !E indicates that an exception was thrown at this line and needs to be reviewed.

Change Log

The following updates have been made to the Flow Analysis Importer extension.

Updates for 10.4.1

• Updated Parasoft Test library to 10.4.1
• The DTP Engine Package has been renamed to Parasoft Analyzer package. 

Updates for 10.3.4

• Updated Parasoft Test library to 10.3.4.
• The DTP Engine Package now uses a Parasoft Test license instead of a DTP license. Contact your Parasoft representative to obtain a Parasoft Test license if you don’t have one.

End User License Agreement (EULA)

The Parasoft End User License Agreement (EULA) is available at https://www.parasoft.com/parasoftlicense.