Each scan has configuration options that are available by default in files named xygeni.yml and xygeni.<command>.yml in the scanner's conf directory. Each file is a YAML document that can be edited and uploaded to the Xygeni platform for reuse.
See the following sections for specific scanner configurations:
Quotes surrounding key:value are optional, depending on the shell metacharacters that can appear in key:value.
key is the name of the configuration property, and value is the value to be assigned. For nested properties, separate the parts with '/'.
Examples:
```shell
# Disable commit resolution
xygeni -cop 'commitResolution:never' scan ...

# Set parallel mode with two threads
xygeni -cop 'mode:parallel' -cop 'parallelism:2' secrets ...

# Disable timeout
xygeni -cop 'timeout:0' secrets ...

# More complex cases (using long or short option names):
xygeni --config-option "report[format=text]/sort: exposure" \
  --config-option "report[format=text]/borders: none" \
  --config-option "parallelism: min(availableProcessors - 1, 4)" \
  scan ...

# Imagine that the user has this environment var instead of the expected JENKINS_URL
xygeni -cop "cicd[kind=jenkins]/url: ${MY_JENKINS_URL}" misconf ...
```
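Why the quoting matters for the option strings used in these examples, as an added shell sketch that is not part of the Xygeni documentation: an unquoted option can reach the scanner as something other than the override that was reviewed. `show_argv` is a hypothetical stand-in that prints the arguments a command would receive (it never runs xygeni), and the Jenkins URL and temporary directory are constructed values.

```shell
#!/bin/sh
# show_argv is a hypothetical stand-in for the scanner, not part of xygeni:
# it prints how many arguments it received, then each one inside <...>.
show_argv() {
  printf '%d' "$#"
  for a in "$@"; do printf ' <%s>' "$a"; done
  printf '\n'
}

# 1. No shell metacharacters: quotes are optional, both forms are identical.
plain_unquoted() { show_argv -cop timeout:0; }
plain_quoted()   { show_argv -cop 'timeout:0'; }

# 2. A space after the colon splits key and value into separate arguments.
space_unquoted() { show_argv -cop report[format=text]/sort: exposure; }
space_quoted()   { show_argv -cop "report[format=text]/sort: exposure"; }

# 3. Unquoted [...] is a glob pattern: a matching path in the working
#    directory silently replaces the key (constructed throwaway directory).
glob_unquoted() {
  d=$(mktemp -d) || return 1
  mkdir "$d/reportx" && : > "$d/reportx/sort:exposure"
  (cd "$d" && show_argv -cop report[format=text]/sort:exposure)
  rm -rf "$d"
}

# 4. Parentheses are shell syntax: unquoted, the command line fails to parse.
paren_unquoted() {
  sh -c ': -cop parallelism: min(availableProcessors - 1, 4)' 2>/dev/null
}

# 5. Double quotes let the shell expand the variable, so the resolved URL is
#    what lands in argv; single quotes pass the literal ${...} text instead.
MY_JENKINS_URL='https://jenkins.example.test'   # constructed value
var_double() { show_argv -cop "cicd[kind=jenkins]/url: ${MY_JENKINS_URL}"; }
var_single() { show_argv -cop 'cicd[kind=jenkins]/url: ${MY_JENKINS_URL}'; }

for f in plain_unquoted plain_quoted space_unquoted space_quoted \
         glob_unquoted var_double var_single; do
  printf '%-15s ' "$f"; "$f"
done
paren_unquoted || echo "paren_unquoted  rejected by the shell before any command ran"
```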
Note that many configuration options are passed through environment variables or local files in CI/CD pipelines, and for sporadic changes it may be easier to specify a few options with --conf-option, possibly storing command line options in an @argument file (which could be under version control, etc.). This could be convenient when many configuration properties need to be overridden for scanning a particular project.
See Central Configuration for instructions on how to handle central configuration.