In this section:
Introduction
Suppressions enable you to mark static analysis violations as known (but acceptable in the particular instance) without modifying the source code. When a Parasoft tool connected to DTP finds a static analysis violation during code analysis, it checks either Team Server or DTP to see if the violation is supposed to be suppressed on the server. If the violation is marked for suppression, it is reported as such by the tool. See Suppressing Violations for additional information.
Suppression data reported by Parasoft 9.x tools is stored in Team Server (TCM), which is also where the tool checks for suppression markers. Parasoft tools 10.4.0 and newer store and check the data in DTP. If you are upgrading to Parasoft tools 10.4.0 or later, the suppression data will need to be migrated to the DTP database where it can be used by current and future implementations of Parasoft tools and Report Center.
You can use the TCM Suppression Tool to migrate legacy TCM suppression information to DTP. The tool is available as a separate download. Contact your Parasoft representative.
Requirements
- Parasoft static analysis tool version 10.4.0 or later.
- DTP version 5.4.0 or later.
- Java version 1.8 or later (provided in DTP installation).
- Access to DTP file system to collect data from TCM.
- DTP user name and password to migrate (upload) data to DTP.
Usage
- Run static analysis on the code associated with TCM suppressions using a 10.4.0 or later static analysis tool and send the results to DTP. This enables DTP to map TCM suppressions to DTP violations.
On the machine where DTP is running, execute the TCM Suppressions Tool using the following command:
java -jar TcmSuppressionsTool.jar -w -f <FILENAME>.json -i <DTP_INSTALL_DIR> -t <TCM_USERNAME> -l <TOOLNAME>
This command reads the TCM storage files on disk, collects information about TCM suppressions, and stores the information in a JSON file on disk. Because the file system is accessed directly, this command must be executed on the machine running DTP. See TCM Tool Options for details about the options.
Java 1.8 is required
You can use the Java executable shipped with DTP located at [DTP_INSTALL]/jre/bin/java to ensure that you are using a supported version of Java.
Execute the TCM Suppressions Tool using the following command to migrate the suppressions to DTP:
java -jar TcmSuppressionsTool.jar -m -f <FILENAME>.json -d <PROTOCOL>//<DTP_HOST>:<DTP_PORT> -u <DTP_USERNAME> -p <DTP_PASSWORD> -b <BUILD_ID>
This command reads the JSON file and uploads the data to DTP using the DTP REST API. You can run this command from any machine that can create an HTTP connection to DTP. The TCM suppressions are compared with the static analysis results for a specified build. See TCM Tool Options for details about the options.
Hiding your password in the command
If you do not want to use a password in the command line, omit the
-poption and you will be prompted for a password.- Existing results are not changed on DTP–the only change is that the violations have been marked for suppression in the next static analysis run. To use the suppression information stored on DTP, run static analysis again (using the 10.4.0 or later tool). The violations marked to be suppressed on DTP are reported as suppressions.
After migration, the updated DTP violations will be marked as "Suppress the selected violations in subsequent analysis runs" in the Prioritization tab of the Violations Explorer. The Reason field will contain the same string used in the TCM suppression. To update a DTP violation based on a TCM suppression, the violation and suppression must have the same file path, rule ID, and violation message. DTP violations already marked for suppression in subsequent builds and DTP violations that were suppressed in the build used for comparison are not modified.
TCM Tool Options
You can use the following options when executing the TCM Suppression Tool:
| Option | Description |
|---|---|
-h, --help | Prints information on the available command line options. |
-v, --verbose | Increases the logging information. |
-f, --file | The file used to store TCM suppressions data. Example:
|
-w, --writeTcmSuppressionsToFile | Reads TCM suppressions from disk and stores the data in the file specified by the |
-i, --dtpInstallationDir | The directory in which DTP is installed. The command must be run on the machine on which DTP is running. Example (Windows):
|
-t, --tcmUser | Specifies the Team Server user name associated with the suppression data. This is the user name specified in 9.x tool Parasoft preferences: Parasoft> Development Testing Platform> Team Server See the documentation for your tool for additional information. |
-l, --toolId | Specifies the tool ID associated with the suppression data. In most cases, you should specify one of the following tool IDs (case-sensitive):
If you are not sure which ID to use, you can check the names of the directories in TCM storage located at [DTP_INSTALL]/tcm/storage/root/usr/[user storage dir]/[toolId], where [user storage dir] is configured for the TCM user in administrator settings. Example:
|
-m, --migrate | Migrate suppressions to the DTP server. |
-d, --dtpUrl | Specifies the base URL for connecting to DTP. Example:
|
-u, --dtpUser | Specifies the user for connecting to DTP. |
-p, --dtpPass | Specifies the password for the DTP user. If you do not want to specify the password on the command line, omit the argument and you will be prompted for the password. For the prompt to work, you must run the tool in an interactive console (use cmd.exe on Windows). |
-b --build | Specifies the recent build on DTP with static analysis results provided by a 10.4.0 or later static analysis tool. This is necessary for DTP to match TCM suppression data to DTP static analysis data. A corresponding violation must already exist on DTP for the suppression data to be applied. Example:
|
