Create metadata for scan projects
You can configure metadata that Contrast collects when you try to create a scan project. Configuring metadata lets you decide whether to restrict the creation of scan projects or running scans if metadata is missing.
The scan project list shows the configured metadata.
Before you begin
If role-based access control is turned on, you need a role with the Manage organization action.
If you are using organization users and groups for access control, you need the Organization Admin role.
Currently, metadata is supported for new scan projects only.
Steps
From the user menu, select Organization settings.
Select Scan projects.
In Scan Configuration, for each field enter:
Field type: Freeform.
Freeform is the only supported field type.
Value: Enter a new value for this field.
Value condition: Use the checkbox to indicate whether the metadata value provided is Required or Unique for each project.
You can select both conditions.
The Scan local engine configuration preview shows the settings that you can include in a
.contrast-scan.jsonfile. If you want to use this file to configure the Scan local engine, create this file In the root folder of the source code you are scanning.
Select Add field to complete as many rows as needed.
To prevent creation of scan projects or the ability to run a new scan that is missing all required fields, select Restrict scan projects missing required fields.
This restriction applies to new scan projects that you create with the Contrast web interface, the Contrast CLI, or the Contrast Scan local engine.
When you select this option, the Contrast web interface displays a warning message if you try to create a scan project without selecting the required metadata.