Skip to main content

Scan Execution Using MSBuild

The following procedure uses MSBuild commands to manually invoke a Code Insight scan on your solution codebase.

To run a scan using MSBuild, do the following:

  1. Open a command-line prompt as an administrator, navigate to the MSBuild directory.

    • Note that these directories might vary based on your Visual Studio version:

      Visual Studio VersionMSBuild Directory
      VS2017c:\Program Files (x86)\Microsoft Visual Studio\2017\<INSTALLED_EDITION>\MSBuild\15.0\Bin
      VS2015C:\Windows\Microsoft.NET\Framework\<FRAMEWORK_VERSION> C:\Program Files (x86)\MSBuild\14.0\Bin
      VS2019C:\Program Files (x86)\Microsoft Visual Studio\2019\<INSTALLED_EDITION> \MSBuild\Current\Bin

  2. Enter the following command:

MSBuild.exe “<PATH_OF_SOLUTION_FILE>” /p:CodeInsightScan=true

  • The command uses these parameters:

  • <PATH_OF_SOLUTION_FILE>—The absolute path of the solution directory you are scanning.

  • CodeInsightScan—The parameter indicating that you want to run a Code Insight scan. Set this parameter to true. If you omit this option or set it to false, no scan is run.

  • CodeInsightConfig—(Optional) The absolute path of the .ini configuration file if it does not reside in the solution directory specified for <PATH_OF_SOLUTION_FILE>. If you provide a value for this option, use the following command syntax:

MSBuild.exe “<PATH_OF_SOLUTION_FILE>” /p:CodeInsightScan=true; CodeInsightConfig=<ABSOLUTE_PATH_TO_INI_CONFIG_FILE>

  1. When the scan completes, click the URL at the end of the build output to connect to Code Insight. You are opened to the Project Inventory tab for the Code Insight project created for the scan. From here you can review, manage, and remediate the inventory resulting from the scan. For further instructions, refer to “Reviewing Published Inventory” in the “Using Code Insight” chapter in the Code Insight User Guide.