Installation, Configuration, and Usage Guide
Chapter 6: About Upgrading ScanCentral SAST Components
Enabling and Disabling Auto-Updates of Clients and
Sensors
You can have all ScanCentral SAST clients and sensors check with the Controller after a manual
update and following each startup to determine whether updates are available (the client or sensor
version is earlier than the Controller version). Then, if an update is available, the Controller updates all
sensors and clients.
The upgrade paths for clients and sensors are as follows:
l
Standalone clients can be upgraded to a patch or major version (for example from 22.2.0 to 23.1.0,
or from 23.1.0 to 23.2.0).
l
If auto-upgrade is enabled and a major upgrade of standalone clients fails, the clients do not start
any jobs until they are upgraded.
l
If auto-upgrade is enabled and a patch upgrade of standalone clients fails, the clients continue to
work, but a warning is displayed.
l
You can upgrade embedded clients and sensors to a patch version only (for example, from 23.1.0
to 23.1.1 or 23.1.2, but not to 23.2.0). Auto-upgrade for major versions is not available for
embedded clients and sensors.
l
If auto-upgrade is enabled and a patch upgrade of an embedded client fails, the clients and sensors
continue to work but a warning is displayed.
To upgrade sensors and embedded clients to the next version, you must install the latest Fortify
Static Code Analyzer version.
About Scan Assignment
Clients can assign scans to Fortify Static Code Analyzer instances that have the same major version
and any patch of that version. For example, a 23.1.0 client can send scans to Fortify Static Code
Analyzer versions 23.1.0, 23.1.1, 23.1.2, and so on. However, a client cannot assign scans to Fortify
Static Code Analyzer of a different major version. For example, 23.1.0 clients cannot send scans to
Fortify Static Code Analyzer version 23.2.0.
Important! ScanCentral SAST clients and sensors check for updates only if you use the -url or -
sscurl options. The package command will not start the update process.
To enable or disable automatic updates of your clients and sensors:
1.
Navigate to the <controller_dir>/tomcat/webapps/scancentral-ctrl/WEB-
INF/classes directory and open the config.properties file in a text editor.
2.
3.
Locate the client_auto_update property.
To enable auto-updates, set client_auto_update to true. To disable auto-updates, set the
value to false (the default).
4. Save and close the file.
Micro Focus Fortify ScanCentral SAST (23.1.0)
Page 68 of 109