Using Globalyzer Lite

Overview

Globalyzer Lite reads and parses Globalyzer Project Definition XML Files to create projects and scans, execute those scans, and generate reports.

The following sections describe how to install and run Globalyzer Lite; how to integrate Globalyzer Lite with your build system; how to display Globalyzer Lite reports in the Lingoport Dashboard; and finally, how to customize Project Definition files on the fly.


How to install Globalyzer Lite

To install Globalyzer Lite, first unzip it in a directory of your choice. After unzipping, Globalyzer Lite needs to be installed on your machine:

The optional .globalyzerrc file

If desired, you may create a .globalyzerrc file within your home directory. You can use this file to specify server information, login information and proxy settings. You can also set these settings within Globalyzer Lite Project Definition Files (see below). Settings specified in project definition files will override those in the .globalyzerrc.

If you create a .globalyzerrc, username, password, and the Globalyzer server URL are required. Lingoport's server is at https://www.globalyzer.com/gzserver, although you may be using one or more servers set up internally within your company.

If you have a server defined in the project definition file (that is, server is not blank), it must match the .globalyzerrc setting. Globalyzer Lite will refuse to run if two different servers are specified. The purpose of this check is to protect against retrieving rule sets from the wrong server.

Below is a fully filled out .globalyzerrc:


server https://www.globalyzer.com/gzserver
username user@company.com
password aPasswordHere

proxy-host https://internalhost.company.com
proxy-port 81038
proxy-user ExampleUser
proxy-password ExamplePassword
					

How to run Globalyzer Lite

After unzipping, installing, possibly creating a .globalyzerrc, and defining a Globalyzer Lite Project Definition XML file (or receiving a predefined one from your team), you will be ready to use Globalyzer Lite. To use it, call globalyzer-lite.jar, passing in the XML file. This is illustrated in the examples below.


> java -jar globalyzer-lite.jar lingoport/LiteProjectDefinition.xml

Here is a simple example LiteProjectDefinition.xml file, configured using minimal settings. This file, and its more advanced settings, are documented in the Globalyzer Lite Project Definition File help page.

The below settings are for a windows system. If using OSX or Linux, paths would instead be specified in unix style.


    <?xml version="1.0" encoding="UTF-8" standalone="no"?>
    <gzproject>
      <login>
        <username>bob@mycompany.com</username>
        <password>abc123</password>
        <server>http://globalyzer.com/gzserver</server>
      </login>

      <project-path>/home/Bob/project_source</project-path>
      <project-name>BobProject</project-name>

      <report-path>LiteReports</report-path>
      <report-type>ScanDetailedCSV</report-type>

      <scans>
        <scan>
          <scan-name>javascan</scan-name>
          <ruleset-name>java</ruleset-name>
          <ruleset-owner>bob@mycompany.com</ruleset-owner>
          <scan-items>
            <item>java</item>
          </scan-items>
        </scan>
        <scan>
          <scan-name>csharpscan</scan-name>
          <ruleset-name>csharp</ruleset-name>
          <ruleset-owner>bob@mycompany.com</ruleset-owner>
          <scan-items>
            <item></item>
          </scan-items>
        </scan>
        <scan>
          <scan-name>xmlscan</scan-name>
          <ruleset-name>xml</ruleset-name>
          <ruleset-owner>bob@mycompany.com</ruleset-owner>
          <scan-items>
            <item></item>
          </scan-items>
        </scan>
      </scans>
    </gzproject>
				

Run globalyzer-lite using the Project Definition File from the command line (Windows or Linux):


> java -jar globalyzer-lite.jar lingoport/LiteProjectDefinition.xml

        Reading Project Definition XML file.
        Validating input.
        Logging in.
        Creating project.
        Project path: /home/Bob/project_source
        Report path: LiteReports
        Creating scans.
         [1/3]  Creating javascan
                - Scan items: [java]
         [2/3]  Creating csharpscan
                - No scan items given, scanning all files matching rule set patterns
         [3/3]  Creating xmlscan
                - No scan items given, scanning all files matching rule set patterns
        Executing scans.
         [1/3]  Executing javascan             /home/Bob/project_source/lite_reports/javascan_detailed_report.csv
         [2/3]  Executing csharpscan           /home/Bob/project_source/lite_reports/csharpscan_detailed_report.csv
         [3/3]  Executing xmlscan              /home/Bob/project_source/lite_reports/xmlscan_detailed_report.csv
        Done.
				

Optionally, Globalyzer Lite supports using multiple command line arguments to override several options usually specified in a project definition file. These are as follows:


-f <string>
The location of the project description file. (Prefix optional)

> java -jar globalyzer-lite.jar -f lingoport/LiteProjectDefinition.xml


-l,--license <string>
Set custom location for Globalyzer.license file.

> java -jar globalyzer-lite.jar -l /home/Miguela/MyLicenseLocation lingoport/LiteProjectDefinition.xml
> java -jar globalyzer-lite.jar --license /home/Miguela/MyLicenseLocation lingoport/LiteProjectDefinition.xml


-rl,--ruleset-location <string>
Set custom location for exported rule sets.

> java -jar globalyzer-lite.jar -rl /home/Miguela/MyRulesets lingoport/LiteProjectDefinition.xml
> java -jar globalyzer-lite.jar --ruleset-location /home/Miguela/MyRulesets lingoport/LiteProjectDefinition.xml


-h,--help
Show the help message and all command line options.

> java -jar globalyzer-lite.jar -h
> java -jar globalyzer-lite.jar --help



		usage: help
		-co,--console-output <string>              Method for printing the
                                                    generated scan report output
							                     to the console. Requires use
							                     of one of:
							                     [ScanDetailedXML,
							                     ScanDetailedCSV]
							                     Valid input:
							                     [gnu, gnu_std, gnu-std]
							                     [vs, visual_studio,
						                         visual-studio]
							                     [ecd, eclipse-default,
						 	                     eclipse_default]
							                     [none]

		-db,--debug                                Print contents of all calls to
							                     the GlobalyzerAPI.

		-ddl,--data-dictionary-location <string>   Optional. Set custom location
							                     for Globalyzer Lite to write
							                     its internal dictionary
							                     information to. Default is
							                     '$HOME/.globalyzer'.

		-f <string>                                Location of project definition
							                     file. (Option prefix optional)

		-fwd,--filter-with-dictionary <string>     (Must be set to 'true' or
							                     'false') Whether or not to
						                         filter against a dictionary.
							                     By default, a dictionary will
							                     be used.

		-h,--help                                  Show this help message.

         -l,--license <string>                      Location of Globalyzer.license file.
							

		-pp,--project-path <string>                Path to the project that will
							                     be scanned.

		-rl,--ruleset-location <string>            Location of exported rule sets.
							
		-rp,--report-path <string>                 Path to write Globalyzer
							                     reports to.

		-si,--scan-items <string>                  Specify which
							                     files/directories to scan.
							                     (Overrides preferences for all
							                     scans). Place items together,
							                     separated by commas.
							                    'aFileName,aDirectoryPath,...'

		-st,--scan-timeout <string>                Timeout threshold, in seconds,
							                     for each file scanned.
							                     Defaults to 120 (2 minutes).
							                     Max 300 (5 minutes). SQL files
						                         are typically the slowest to
							                     scan.

		-vn,--version                              Display version number.
                

-si,--scan-items <string>
Specify which files/directories to scan. (Overrides preferences for all scans.) Place items together, separated by commas.

> java -jar globalyzer-lite.jar -si 'dir1,dir2,file1' lingoport/LiteProjectDefinition.xml
> java -jar globalyzer-lite.jar --scan-items 'dir1,dir2,file1 lingoport/LiteProjectDefinition.xml


	
    Reading Project Definition XML file.
    Validating input.
    Logging in.
    Creating project.
    Project path: /home/Bob/project_source
    Report path: LiteReports
    Creating scans.
     [1/3]  Creating javascan
            - Scan items: [dir1, dir2, file1]
     [2/3]  Creating csharpscan
            - Scan items: [dir1, dir2, file1]
     [3/3]  Creating xmlscan
            - Scan items: [dir1, dir2, file1]
    Executing scans.
     [1/3]  Executing javascan            /home/Bob/project_source/LiteReports/javascan_detailed_report.csv
     [2/3]  Executing csharpscan          /home/Bob/project_source/LiteReports/csharpscan_detailed_report.csv
     [3/3]  Executing xmlscan             /home/Bob/project_source/LiteReports/xmlscan_detailed_report.csv
    Done.
				

-st,--scan-timeout <string>
Timeout threshold, in seconds, for each file scanned. Default is 120 seconds (2 minutes). Max is 600 seconds (10 minutes).

> java -jar globalyzer-lite.jar -st 10 lingoport/LiteProjectDefinition.xml
> java -jar globalyzer-lite.jar --scan-timeout 300 lingoport/LiteProjectDefinition.xml


-pp,--project-path <string>
The path to the project that will be scanned.

> java -jar globalyzer-lite.jar -pp /home/Miguela/ProjectSource lingoport/LiteProjectDefinition.xml
> java -jar globalyzer-lite.jar --project-path /home/Miguela/ProjectSource lingoport/LiteProjectDefinition.xml


    Reading Project Definition XML file.
    Validating input.
    Logging in.
    Creating project.
    Project path: /home/Miguela/ProjectSource/
    Report path: LiteReports
    ....

-rp,--report-path <string>
The path to write Globalyzer reports to.

> java -jar globalyzer-lite.jar -rp NewLiteReports lingoport/LiteProjectDefinition.xml
> java -jar globalyzer-lite.jar --report-path NewLiteReports lingoport/LiteProjectDefinition.xml


    Reading Project Definition XML file.
    Validating input.
    Logging in.
    Creating project.
    Project path: /home/Bob/ProjectSource/
    Report path: NewLiteReports
				

-co,--console-output <string>
The method for printing the generated scan report output to an IDE console. This requires the use of specific report types in the Project Definition file: [ScanDetailedXML, ScanDetailedCSV]. The default value is 'none' and no output will be displayed to the IDE console. (See Report Information for more info.)
Valid inputs: [gnu, gnu_std, gnu-std, vs, visual_studio, visual-studio, ecd, eclipse-default, eclipse_default, none]

> java -jar globalyzer-lite.jar -co gnu lingoport/LiteProjectDefinition.xml
> java -jar globalyzer-lite.jar --console-output gnu lingoport/LiteProjectDefinition.xml


    Reading Project Definition XML file.
    Validating input.
    Logging in.
    Creating project.
    Project path: /home/Bob/ProjectSource/
    Report path: LiteReports
    Creating scans.
     [1/3]    Creating javascan
        - Scan items: [java]
     [2/3]    Creating csharpscan
        - No scan items given, scanning all files matching rule set patterns
     [3/3]    Creating xmlscan
        - No scan items given, scanning all files matching rule set patterns
    Executing scans.
     [1/3]    Executing javascan             /home/Bob/ProjectSource/LiteReports/javascan_detailed_report.csv
     [2/3]    Executing csharpscan           /home/Bob/ProjectSource/LiteReports/csharpscan_detailed_report.csv
     [3/3]    Executing xmlscan              /home/Bob/ProjectSource/LiteReports/xmlscan_detailed_report.csv
    javascan (ScanDetailedCSV) results:
    /home/Bob/ProjectSource/java/EditCorrespondenceControl_MethodFilter.java:189: Embedded Strings, P1: "montaƱas"
    /home/Bob/ProjectSource/java/EditCorrespondenceControl_MethodFilter.java:190: Embedded Strings, P3: "ok"
    /home/Bob/ProjectSource/java/EditCorrespondenceControl_MethodFilter.java:197: Embedded Strings, P2: "Please ..."

    csharpscan (ScanDetailedCSV) results:
    /home/Bob/ProjectSource/csharp/Detail.cshtml:9: Embedded Strings, P3: "text/javascript"
    /home/Bob/ProjectSource/csharp/Detail.cshtml:12: Embedded Strings, P3: "#price"
    /home/Bob/ProjectSource/csharp/Detail.cshtml:15: Embedded Strings, P3: "price"

    xmlscan (ScanDetailedCSV) results:
    /home/Bob/ProjectSource/actionscript/Form.mxml:5: Embedded Strings, P3: "components.*"
    /home/Bob/ProjectSource/actionscript/Form.mxml:20: Embedded Strings, P1: "Get a free gift!"
    /home/Bob/ProjectSource/actionscript/Form.mxml:21: Embedded Strings, P1: "Name"

				

-ddl,--data-dictionary-location <string>
Set custom location for Globalyzer Lite to write its internal dictionary information to. Default is $HOME/.globalyzer. A folder, 'dict', will be created inside this location. E.g. '$HOME/.globalyzer/dict'.

> java -jar globalyzer-lite.jar -ddl /home/Miguela/GlobalyzerDict lingoport/LiteProjectDefinition.xml
> java -jar globalyzer-lite.jar --data-dictionary-location /home/Miguela/GlobalyzerDict lingoport/LiteProjectDefinition.xml


-fwd,--filter-with-dictionary <string>
Whether or not to filter results against a dictionary. Default is 'true'.

> java -jar globalyzer-lite.jar -fwd true lingoport/LiteProjectDefinition.xml
> java -jar globalyzer-lite.jar --filter-with-dictionary false lingoport/LiteProjectDefinition.xml


-db,--debug
Prints out the content of all calls from Lite to the Globalyzer API. E.g.

...
GlobalyzerAPI.createProject("entered project name", "entered project path");
...
					

-vn,--version
Display the version of Globalyzer Lite being used.


> java -jar globalyzer-lite.jar -v
> java -jar globalyzer-lite.jar --version

    Globalyzer Lite Version: 6.7.0
				


Using Lite in an IDE

See the IDE usage instructions.



Customizing Project Definition Files on the Fly

You may wish to create a tokenized Project Definition File that can be reused for various projects. The tokens would be substituted with current project information via the build script, before calling Globalyzer Lite to read the file.

Simply use placeholder tokens in the XML file, then replace them during your build. For example:


<project-name>PROJECT_NAME_PLACEHOLDER</report-name>

You can then add the following sed command to your build:

sed --in-place "s|PROJECT_NAME_PLACEHOLDER|text to substitute|" $WORKSPACE/GlobalyzerProjectDefinition.xml


Your build script might then look like:

# Variables:
#   $WORKSPACE      : Source code location of the project to be scanned
#   $JOB_NAME       : Name of your Dashboard project
cp -f /path/to/TokenizedGlobalyzerProjectDefinition.xml $WORKSPACE/GlobalyzerProjectDefinition.xml
sed --in-place "s|PROJECT_NAME_PLACEHOLDER|$JOB_NAME|" $WORKSPACE/GlobalyzerProjectDefinition.xml
java -jar $LITE_HOME/globalyzer-lite.jar $WORKSPACE/GlobalyzerProjectDefinition.xml
				

If you're familiar with bash, sed and regular expressions, and wish for a more advanced method of substituting the contents of tags within the project definition, then the following bash function may be helpful:


replace_xml_token() {
  token_name=$1
  new_content=$2
  sed -ri "s|(<${token_name}>).*(</${token_name}>)|\1${new_content}\2|g" $WORKSPACE/ProjectDefinition.xml
}
				

Integrating Globalyzer Lite with Lingoport Dashboard

To display the reports generated by Globalyzer Lite on the Lingoport Dashboard, you must specify a specific report path. This report path must link to the GlobalyzerScans directory in your corresponding Dashboard Project.
For example:

<report-path>/var/lib/jenkins/Lingoport_Data/Dashboard/Projects/DashboardProjectName/GlobalyzerScans</report-path>

If you are configuring the Lingoport Dashboard for the first time, you may also need to create the Dashboard Project directory for your Dashboard Project and its GlobalyzerScans directory. Click here for information on the Lingoport Dashboard.

The next time DashboardUpload.sh is run for Globalyzer Scans, your results will appear on the Dashboard. For example:

# Variables:
#   $JOB_NAME       : Name of your Dashboard project
#   $WORKSPACE      : Source code location of the project to be scanned
#   $LITE_HOME      : Location Globalyzer Lite was unzipped to
#   $DASHBOARD_HOME : Location of the Lingoport Dashboard installation
				

To set the location of LITE_HOME and DASHBOARD_HOME, first go to https://jenkins.url:port/configure. Find "Global Properties" and check "Environment variables". Next, add a key-value pair for LITE_HOME and another for DASHBOARD_HOME.

Jenkins will automatically set WORKSPACE and JOB_NAME.


Shell script run:
  set -x
  java -jar $LITE_HOME/globalyzer-lite.jar $WORKSPACE/GlobalyzerProjectDefinition.xml \
    --project-path "$WORKSPACE" \
    --report-path "/var/lib/jenkins/Lingoport_Data/Dashboard/Projects/$JOB_NAME/GlobalyzerScans"
  cd /var/lib/jenkins/Lingoport_Data/Dashboard/Projects/$JOB_NAME
  $DASHBOARD_HOME/bin/DashboardUpload.sh "$WORKSPACE" "$JOB_NAME" "G"


Output:
+ env
JOB_NAME="projectName"
WORKSPACE="/var/lib/jenkins/jobs/$JOB_NAME/workspace"
LITE_HOME="/var/lib/jenkins/lingoport/globalyzer-lite-6.7.0"
DASHBOARD_HOME="/var/lib/jenkins/lingoport/dashboard-client-5.1.2.2"

+ java -jar $LITE_HOME/globalyzer-lite.jar $WORKSPACE/GlobalyzerProjectDefinition.xml \
    --project-path "$WORKSPACE" \
    --report-path "/var/lib/jenkins/Lingoport_Data/Dashboard/Projects/$JOB_NAME/GlobalyzerScans"

  Reading Project Definition XML File.
  ...
    [1/1]    Executing javascan             /var/lib/jenkins/Lingoport_Data/Dashboard/Projects/projectName/GlobalyzerScans/javascan_detailed_report.xml
  ...
  Done.

+ cd /var/lib/jenkins/Lingoport_Data/Dashboard/Projects/$JOB_NAME
+ $DASHBOARD_HOME/bin/DashboardUpload.sh "$WORKSPACE" "$JOB_NAME" "G"