Page tree
Skip to end of metadata
Go to start of metadata


On this page:

Summary: this page describes the new features and bugs that have been fixed in the CAST Dashboard Package 1.9.0.

Content matrix

VersionSummary of contentComments
1.9.0
  • Reporting from Engineering Dashboard
  • Ability to compare metrics at Technical Criteria and Rules level in Snapshot comparison page (Health Dashboard)
  • Ability to select Module in Snapshot comparison page (Health Dashboard)

Can be used with:

  • 8.3.3 - 8.3.15
Note that starting from release 1.8.0, the CAST Security Dashboard related WAR files are no longer provided.

RestAPI documentation

Resolved issues

Internal IDCall IDSituation
DASHBOARDS-87716134

Missing critical rules in Modules Treemap when older snapshot is selected

DASHBOARDS-82215980

The metric "Avoid using Fields (non static final) from other Classes" is displayed twice in the HD

DASHBOARDS-93416771

Permanent Fix: Unable to open Engineering DashBoard due to hyphen in the context.xml file

New features - CAST Health Dashboard

DASHBOARDS-602 - Snapshot Comparison improvements

Two improvements have been added to the Snapshot Comparison feature:

View grade comparison information for Technical Criteria and Rules

In previous releases of the CAST Health Dashboard, it was only possible to view grade comparison values for top level Health Measures (under Health Measures and Best Practices). This behaviour has been improved in 1.9.0 and it is now possible to see grade comparison values for child Technical Criteria and Rules under Health Measures and Best Practices:

Click to enlarge

1.9.0 release

Previous releases

Change the Module that is used for comparison purposes

In previous releases of the CAST Health Dashboard, the grade comparison values were using the values generated for the entire Application. This behaviour has been improved in 1.9.0 and it is now possible to choose a specific Module for comparison purposes via the Module selector:

Click to enlarge

  • The list of available Module varies with the selected snapshot version for an application. Modules displayed are those that are available in the more recent snapshot selected.
  • If a Module selected is not present in either snapshot then the table displays N/A for grade values.
  • If a Technical Criteria or Rule is not present in either snapshot then also table displays N/A for grade values.

DASHBOARDS-468 -  View Technical Criterion weight

In previous releases of the CAST Health Dashboard, it was not possible to view the numerical weight value for a Technical Criterion (this information was available for Rules however). This behaviour has been improved in 1.9.0 and it is now possible to view numerical weight value for a Technical Criterion:

Click to enlarge

1.9.0 release

Previous releases

DASHBOARDS-788 - Download AETP data

When clicking the AEP tile in the Application landing page AND when the AEP counting measure is active (see Measures used to calculate enhancement Function Points in CAST OMG-compliant Automated Function Points) enhancement size data is displayed based on OMG/CAST measures. It is then possible to download the data in an Excel spreadsheet:

In previous releases of the CAST Health Dashboard, this Excel spreadsheet only provided AEFP (Automated Enhancement Function Points) data. In this release, AEFP and AETP (Automated Enhancement Technical Points) data are both provided. This is done using two different tabs in the Excel spreadsheet:

  • Functional Part = AEFP
  • Technical Part = AETP

DASHBOARDS-852 - Snapshot version label now visible

The snapshot version label is now visible at Portfolio and Application level when drilling down from a tile in the Trends (former Evolutions) section:

DASHBOARDS-831 - Evolutions renamed as Trends

Section name

At both Portfolio and Application level, the former section called Evolutions has been renamed as Trends:

1.9.0 release

Previous releases

Option

The Evolutions option has been renamed as Trends at Application Level:

1.9.0 release

Click to enlarge

Previous releases

Click to enlarge

New features - CAST Engineering Dashboard

DASHBOARDS-513 - Report Generation feature

The ability to generate a range of reports direct from the CAST Engineering Dashboard has been introduced in this release. Various reports can be generated, however, some rely on the presence of CAST Report Generator for Dashboards (v. ≥ 1.9.0) in order to function.

Accessing the feature

From the Side Menu bar, click the following icon:

Available report categories

Three types of report categories are available:

CategoryEnabled by default?CAST Report Generator for Dashboards required?Additional configuration required?Output formatAvailable reports
Industry Compliance Reports(tick)(tick)(tick) See section below.Same format as the associated CAST Report Generator templates.

Available reports include:

Note that the default list of reports can be customized.

Miscellaneous Reports

(tick)(error)(error)

Inline in the browser

Can be downloaded in Excel format.

Available reports include:

Custom Reports 

(error)(tick)(tick) See section below.Same format as the associated CAST Report Generator templates.
This category enables you to define your own custom reports via CAST Report Generator templates.

Industry Compliance Reports

This category provides reports on various industry recognized standards such as:

  • CISQ
  • CWE
  • OWASP

Configuration process

These reports are based on templates provided with CAST Report Generator and therefore CAST Report Generator for Dashboards (v. ≥ 1.9.0) must be present on the server hosting Apache Tomcat in order for the reports to function. Some additional configuration is also required as explained below.

Assuming CAST Report Generator for Dashboards is present on the host machine, the next step is to configure the dashboard. Edit the following file with a text editor:

CATALINA_HOME\webapps\CAST-Engineering\WEB-INF\report.properties

Find the following options and modify as explained below:

# The location of the Report Generator Command line. If this variable is not set then the Web Services are not enabled.
# The path is probably something such as:
#report.reportGenerator=dotnet c:\\ReportGeneratorforDashboards\\CastReporting.Console.Core.dll

# Set the directory of reports
#report.directory=/tmp/reports
#report.directory=c:\\temp\\reports

# Set the current Web Service URL. The current REST API called back by the Report Generator.
report.webServiceURL=http://localhost:8888/CAST-RESTAPI/rest


report.reportGenerator=dotnet

Add a new line pointing to the location of the CastReporting.Console.Core.dll (part of CAST Report Generator for Dashboards) on the server hosting Apache Tomcat. You can also uncomment and modify an example line. For example:

report.reportGenerator=dotnet c:\\ReportGeneratorforDashboards\\CastReporting.Console.Core.dll

Note that the path to CastReporting.Console.Core.dll when using Microsoft Windows must always use double back slashes (\\) or single forward slashes (/) - the single back slash (\) is not valid.

report.directory=

Add a new line pointing to the temporary folder where the reports will be generated on the server hosting Apache Tomcat. You can also uncomment and modify an example line. For example:

report.directory=c:\\temp\\reports

Note that:

  • the path to the temporary folder when using Microsoft Windows, must always use double back slashes (\\) or single forward slashes (/) - the single back slash (\) is not valid.
  • The user that Apache Tomcat is running as must have read/write access to this location. In Linux environments, typically the "rw-" permission is sufficient.

report.webServiceURL=

Modify the existing line to point to the RestAPI in your CAST Engineering Dashboard deployment. This is used by the CAST Report Generator for Dashboards. For example:

report.webServiceURL=http://<server>:<port>/<dashboard>/rest

Generation process

Choose a report type from the Industry Compliance Reports category and click the Generate Report button:

The report will be generated and auto downloaded with your browser. Reports are generated using the same format as the associated CAST Report Generator templates. The report file name should contain the:

  • application name
  • snapshot version
  • report type

For example: MEUDON-Computed on 201901100941-CISQ Compliance Report.docx (MEUDON is an Application name).

A notification message is displayed when the report is generated:

If the report fails to generate, a notification is also displayed with the error message. Please refer this page about error messages handling: Report Service - 1.9.0.

This example shows that CAST Report Generator for Dashboards has not been configured:


Miscellaneous Reports

This category provides reports that can easily show where the biggest changes in violations between snapshots have occurred:

These reports are provided inline in the browser and do not require CAST Report Generator for Dashboards nor any additional configuration. Reports can be downloaded in Excel format:

Custom Reports

This category enables you to define your own custom reports via CAST Report Generator templates. The category is disabled by default (i.e. it does not contain any report templates). The templates you want to generate must be present on the server hosting Apache Tomcat in the "Templates" sub folder of your CAST Report Generator for Dashboards deployment location.

Configuration process

To enable and define the reports for the category, edit the following file:

CATALINA_HOME\webapps\CAST-Engineering\engineering\resources\ced.json

Find the following configuration section:

{
	"id": "custom",
	"label": "Custom Reports",
	"reportTemplates":[]
}

To add your report for a custom template called My Custom Template 2019.docx, change it as follows. Save the file and restart the host Apache Tomcat server for the changes to be applied:

{
	"id": "custom",
	"label": "Custom Reports",
	"reportTemplates":[
		{
			"templateLabel": "My Custom Template 2019",
			"templateId": "My+Custom+Template+2019"
		}
	]
}


  • Custom templates should be available in the Templates folder within the CAST Report Generator for Dashboards deployment folder, for example: ReportGeneratorCLIforAllOS\Templates.
  • templateLabel is a free text, this is used in the drop down list in the dashboard.

  • templateId should be the file name of the custom template name without the file extension and "+" signs in place of white space. For example, if your custom template name is My Custom Template.docx the templateId should be configured as "templateId": "My+Custom+Template+2019".

New features - All dashboards

SAML changes

Some changes have been made to login/logout behaviour for dashboards that are using SAML authentication:

  • If the combined "Health-Engineering" Dashboard or "Health-Security" Dashboard is in use, clicking on Re-login navigates to the Welcome page.
  • If the single Health Dashboard is in use, clicking on Re-login navigates to the home page.
  • If the single Engineering Dashboard or Security Dashboard is in use, clicking on Re-login navigates to the Application selection page.
  • No labels