Skip to main content

Creating a Project and Uploading a Codebase

The first step in using Code Insight is to create a project and upload the codebase that you want to scan.

Creating a Project

A project stores the analysis results from a scanned codebase. You must create a project in Code Insight before you can scan data and generate reports.

To create a new project:

  1. From the Dashboard page, click the Go to Project link or select Projects from the menu. The Projects page opens.

  2. Click Add New and select Project from the menu. The Add Project dialog box opens.

  3. In the Name field, enter a name to identify the project.

  4. From the Project Visibility list, select Public. This selection, the default, allows everyone with access to the Code Insight to view the new project.

  5. From the Scan Server list, select the scan server to be used for scanning the codebase for this project.

  6. Click Save. The project name is now listed in the Projects pane.

    At this point, the Project Dashboard area will not contain data. You must upload a codebase and scan it before data and charts appear.

  7. Proceed with the steps in the Uploading a Codebase section below.

Uploading a Codebase

Before Code Insight can perform a scan, you must upload the archive file containing the source code and binary files of a codebase to the Scan Server. This archive can be a .zip, .7z, .tar, or .tar.gz file.

tip

If your codebase changes, you can upload a new version of the codebase file by following the same procedure.

To upload a codebase to the project:

  1. Perform the steps in the Creating a Project section.

  2. In the list of projects in the Projects pane, click the Open project icon next to the project you want to open. The Project Summary page opens.

  3. Click Upload Project Codebase. The File Upload dialog opens.

  4. Click Select Archive File to browse to for the archive file (.zip, .7z, .tar, or .tar.gz) containing your codebase.

  5. (Optional) Select Delete existing project codebase files to have Code Insight delete previously uploaded codebase files associated with this project.

    note

    If you select this option, a Warning dialog appears, asking you to confirm the deletion. Be aware that all existing codebase files for project will be permanently removed from the Scan Server during the upload. If you rescan the project without replacing these files via a new upload, the scan results for the removed files will be permanently deleted.

  6. For Archive File Expansion Options, select the level of archive expansion you want to perform on the codebase:

    • Uploaded file only—Extract the files from the uploaded archive. Any extracted archives are not expanded.

    • Uploaded file and first-level archives only—Extract the files from the uploaded archive and expand all first-level archives in the codebase. Note that the expanded archive itself is retained along with its extracted contents in the parent folder.

    • Uploaded file and all contained archives—Extract the files from the uploaded archive and expand archives at all levels (that is, archives with archives within archives and so forth) in the codebase. Note that each expanded archive is retained along with its extracted contents in the parent folder.

  7. Click Upload. Code Insight uploads the codebase file and attaches it to the selected project. You are now ready to scan the codebase.

  8. Proceed with the steps in Performing a Scan.

Other Methods for Accessing a Codebase to Scan

Uploading a codebase is not the only method available for accessing a codebase to scan in Code Insight. However, for the purpose of keeping the getting-started process streamlined, this document focuses on the upload process only. The other methods you can use to access a codebase for a project are briefly described here:

  • Synchronize with your Source Control Management system—An alternative to uploading a codebase to the Scan Server is to synchronize a codebase repository from a Source Control Management application (such Perforce, Git, Subversion, or TFS) to the Scan Server for scanning. For more information, refer to "Configuring Source Code Management" in the Code Insight User Guide.

  • Scan a codebase on a remote server—Instead of uploading or synchronizing codebases to the Scan Server, you can install a Code Insight scan-agent plugin on a remote system to directly scan a codebase on that system. The results of the remote scan are sent to an existing project on the Code Insight Core Server. For more information, refer to the Code Insight Plugins Guide.

Whether your project's codebase is uploaded or synchronized to the Scan Server or resides on a remote system on which a plugin is installed (or is a combination of code files from two or more of these methods), the results of all scans on the complete codebase will be available in your Code Insight project. Within the project, you can then perform further analyses of the codebase files and review, remediate, and finalize the inventory of the open-source and third-party software findings.