Advanced rescan for CAST Imaging - add a new version and deliver source code

Unticked by default. Selecting the option will cause the Application to be backed up as part of the actions you choose. This may cause some additional processing time while the backup completes. Backups are stored in the following location on the relevant AIP Node and can be managed in Administration Center - Applications - Application Details:

%PROGRAMDATA%\CAST\AipConsole\AipNode\backup\<application_name>\YYYYMMDDHHMM.zip

This will ensure that your configuration (Modules, Exclusion Rules and Objectives) are identical to the settings used in the previous version, therefore retaining result continuity, although you are free to make changes to Exclusion Rules and Optimizations if you require by clicking the Next button as highlighted below - note that changing other settings in the wizard may impact the stability of your results. In addition, the option Enable Automatic discovery (see below) will be available (and will be enabled).

Click to enlarge

When disabled, AIP Console will create a version ignoring any previous Version settings and options - i.e. as if it was a brand new Version.

• When enabled (default position), AIP Console will perform the "code discovery" step and as a consequence, for any new source code added in the new version, new extensions may be downloaded i.e. discovered and force_install extensions (unless a specific Extension Strategy (Administration Center - Extensions Strategy / Administration Center - Settings - Extensions Strategy) is in place), new packages may be detected and new Analysis Units may be created. Note that new releases of extensions that were used in the previous version will NOT be automatically downloaded, installed and used.
• When disabled, AIP Console will not perform the "code discovery" step and as a consequence this ensures that the configuration of the new version is identical to the configuration used in the previous version even if new source code has been added in the new version. No new extensions will be downloaded and installed and no existing extensions will be updated.

Choose whether you want to run an analysis immediately after the source code is delivered. Technically the Run analysis option also includes an internal step called "Prepare analysis data" step, which allows:

• Source code to be viewed when validating Dynamic Links
• Architecture Models results to be checked before running an analysis

Standard rescan for CAST Imaging

For a Standard onboarding scenario, you should enable this option. Enabling this option includes the following steps that would otherwise need to be manually actioned:

• Validate the Version - i.e. the delivered source code
• Accept the Version
• Set as current version - i.e. the version to be analyzed

Enabling the option will also automatically expose the following options:

Advanced rescan for CAST Imaging

For an Advanced rescan scenario, you should disable this option. This will allow you to work through the process of validating/accepting the version, running an analysis and publishing to CAST Imaging as separate steps.

Choose whether you want to publish the data in your CAST Imaging instance immediately after the source code is delivered. This option is enabled by default:

Standard rescan for CAST Imaging

For a Standard rescan scenario, you should enable this option.

Advanced rescan for CAST Imaging

For an Advanced rescan scenario, you should disable this option. This will allow you to work through the process of validating/accepting the version, running an analysis and publishing to CAST Imaging as separate steps.

This option is only visible in rescan mode in AIP Console ≥ 1.25, when the Same configuration as previous version option is enabled.

When the option is:

• disabled, all Ignore Patterns options are also disabled and cannot be edited or removed - this ensures that the same ignore patterns are applied to the new source code delivery as were applied in the previous delivery.
• enabled, all Ignore Patterns options are also enabled and can be edited and removed - this allows you to change the ignore patterns for this new source code delivery. Bear in mind that changing the ignore patterns for a new delivery can impact the subsequent analysis results.

Note that this option should be typically left in the disabled position if you have imported an application from CAST Management Studio (see Import an Application managed with CAST Management Studio into AIP Console) and are re-analyzing the source code with AIP Console: exclusion rules are different in CAST Management Studio/Delivery Manager Tool and in AIP Console, and if you use the AIP Console interface to add the exclusion rules, these will overwrite the exclusion rules managed in CAST Management Studio/Delivery Manager Tool.

The pattern matching system uses glob patterns (see https://docs.oracle.com/javase/tutorial/essential/io/fileOps.html#glob for examples of how this system works). Enter an expression to match the folders you want to exclude and then click ADD to add the expression to the list of excluded items:

For example:

• *.txt will exclude all files with the extension .txt
• tests/ will exclude any folders named tests and everything inside them - e.g. root_folder/tests, root_folder/another_folder/tests
• *.Tests/ will exclude any folders whose name includes .Tests (for example C:\Support\Delivery\Sample.Tests\sample\)
• patterns starting with / will exclude starting only from the root folder. In other words, /tests/ will exclude everything in the specific folder root_folder/tests but not root_folder/another_folder/tests

This option enables you to preview which files/folders will be excluded from the source code analysis. In the example below, an ignore pattern called "sql/" has been added (ignoring any folder named "sql" or "SQL"):

This option enables you to choose from a template that has been predefined in the Administration Center - Settings - Exclusion templates panel under Exclusion Templates:

When a template is selected, the list of exclusions will be populated with those defined in the template. You can delete items if you prefer:

Click  to access a screen where you can select the files and folder from the uploaded archive file you want to exclude (the archive will be unpacked by AIP Console) - place a check mark in the items that must be excluded, then click SAVE to add them to the list of exclusions:

This option focuses on function points measurement. Selecting this option will currently install the following extensions (in addition to any that are discovered, set to force install or those that are automatically active / shipped extensions):

• com.castsoftware.automaticlinksvalidator

This option focuses on flow of data identification and will deliver associated results. Selecting this option will currently install the following extensions (in addition to any that are discovered, set to force install or those that are automatically active / shipped extensions):

• com.castsoftware.automaticlinksvalidator
• com.castsoftware.datacolumnaccess
• com.castsoftware.mainframe.sensitivedata (in AIP Console ≥ 1.26)

GDPR / PCI DSS

Two additional options are available (in AIP Console ≥ 1.26) specifically enabling a check of a set of predefined sensitive key words related to GDPR (General Data Protection Regulation) and/or PCI-DSS (Payment Card Industry Data Security Standards) data:

Each option corresponds to one .datasensitive file located in the following location on the AIP Node:

%PROGRAMDATA%/CAST/AipConsole/AipNode/datasafetychecks

In other words, enabling the GDPR option (for example) will force the check using the keywords defined in GDPR_Keywords.datasensitive. When the analysis runs, the predefined .datasensitive file corresponding to the chosen option is sent to the LISA folder (LISA/{appGuid}/DataSafety) and any key words defined in them will be checked. If any key words are found in the source code a flag will be added in the analysis results on the object in question. This can be seen as below:

Click to enlarge

Click to enlarge