I am trying to run Fortify commands through a batch file. Typically when running a fortify scan I use these three different commands via command line:
sourceanalyzer -b buildId-clean
sourceanalyzer -b buildId devenv "mysolution.sln" /Rebuild Debug
sourceanalyzer -b buildId -scan -f "mysolution.fpr" -format fpr
Now when running the second command you need devenv to complete the translation. What is the best approach to call this? I've tried to run the VsDevCmd.bat
before running the commands in a batch file, but end up with this:
ERROR: Cannot determine the location of the VS Common Tools folder.
This is even having the .bat
file in the same directory I am call the fortify batch file.
I've also called devenv.com but get this error:
[error]: The HPE Security Fortify add-in for Visual Studio did not execute; ther efore, no files were translated. Ensure that the HPE Security Fortify add-in is installed. If you are running Visual Studio 2005 SP1, you must also install t he hotfix indicated by KB934517.
Here is the batch file command:
set SOURCEANALYZER=sourceanalyzer
set BUILDID="buildId"
set DEVCOMMAND="devenv.com"
set SOLUTIONFILE="mysolution.sln"
set ARGS="/Rebuild Debug"
%SOURCEANALYZER% -b %BUILDID% %DEVCOMMAND% %MYSOLUTION% %ARGS%
My VsDevCmd.bat
and devenv.com
comes from VS2015 directory.
From what I understand, you have three options for the devenv
argument when running through command line:
devenv.exe
file, usually located at C:\Program Files (x86)\Mircosoft Visual Studio x.0\Common7\IDE\devenv.exe
vsvars32.bat
before running the sourceanalyzer
command to set some local variables, such as devenv
, to the proper paths. This file is located at C:\Program Files (x86)\Microsoft Visual Studio x.0\Common7\Tools\vsvars32.bat
.sourceanalyzer
command via the Visual Studio Developer Command Prompt. This is the same as opening a traditional command line window and executing vsvars32.bat
.If you do option 2 or 3, you will be able to simply use the variable devenv
in the sourceanalyzer
command, while option 1 will require a hard path in the command, but could be useful if you need to specify a version of Visual Studio to build with.