Enabling and Disabling Auto-Updates of Clients and Sensors

You can have all ScanCentral SAST clients and sensors check with the Controller after a manual update and following each startup to determine whether updates are available (the client Requesting program or user in a client/server relationship. For example, the user of a web browser is effectively making client requests for pages from servers all over the web. The browser itself is a client in its relationship with the computer that is getting and returning the requested HTML file. The computer handling the request and sending back the HTML file is a server. or sensor version is earlier than the Controller version). Then, if an update is available, the Controller updates all sensors and clients.

The upgrade paths for clients and sensors as of version 20.2.0 of Fortify ScanCentral SAST are as follows:

Standalone clients can be upgraded to a patch or major version (for example from 21.2.0 to 22.1.0, or 21.2.0 to 22.2.0).
If auto-upgrade is enabled and a major upgrade of standalone clients fails, the clients do not start any jobs until they are upgraded.
If auto-upgrade is enabled and a patch upgrade of standalone clients fails, the clients continue to work, but a warning is displayed.
You can upgrade embedded clients and sensors to a patch version only (for example, from 21.2.0 to 21.2.1 or 21.2.2, but not to 22.2.0). Auto-upgrade for major versions is not available for embedded clients and sensors.
If auto-upgrade is enabled and a patch upgrade of an embedded client ScanCentral client that comes with SCA and Apps. fails, the clients and sensors continue to work but a warning is displayed.

To upgrade sensors and embedded clients to the next version, you must install the latest SCA and Apps Installer for Fortify Static Code Analyzer and component applications. version.

About Scan Assignment

Clients can assign scans to Fortify Static Code Analyzer instances that have the same major version and any patch of that version. For example, a 22.1.0 client can send scans to Fortify Static Code Analyzer versions 22.1.0, 22.1.1, 22.1.2, and so on. However, a client cannot assign scans to Fortify Static Code Analyzer of a different major version. For example, 21.2.0 clients cannot send scans to Fortify Static Code Analyzer version 22.2.0.

Important! ScanCentral SAST clients and sensors check for updates only if you use the -url or -sscurl options. The package command will not start the update process.

To enable or disable automatic updates of your clients and sensors:

Navigate to the <controller_dir>/tomcat/webapps/scancentral-ctrl/WEB-INF/classes directory and open the config.properties file in a text editor.
Locate the client_auto_update property.
To enable auto-updates, set client_auto_update to true. To disable auto-updates, set the value to false (the default).
Save and close the file.

The update process (and its resulting success or failure status) is printed to the console.

Important! If Fortify Static Code Analyzer and applications is installed in a location that requires that you have administrator privileges to modify it (for example, program files), in order to update the sensor, you must start it with administrator privileges. Otherwise, the sensor cannot write files to disk. If auto-update is enabled, major updates on standalone clients must finish successfully before the sensor can start. With auto-update enabled, patch updates allow sensors and clients to start unless the upgrade fails.

Upgrading the ScanCentral SAST Controller