documentation updates

manual/configuration-general.tex

@@ -71,8 +71,9 @@ \subsubsection{Checkmarx SAST Connection Configuration}
     mnoURL=""
     TimeoutSeconds="" 
     ValidateCertificates="true"
-    RetryLoop=""
-    />
+    RetryLoop="">
+    <UseOdata Projects="" />
+</CxSASTConnection>
 \end{xml}
 
 \begin{table}[h]
@@ -94,6 +95,32 @@ \subsubsection{Checkmarx SAST Connection Configuration}
     \end{tabularx}
 \end{table}
 
+\noindent\\The sub-element \texttt{UseOdata} is optional.  The properties for the element indicate
+when some API I/O should be done using the OData API instead of the REST API. This may be used
+in cases where REST APIs are performing poorly due to the size of the response payload.
+\footnote{It is recommended to avoid using the OData API unless there are no other options.}
+
+\noindent\\Note that using the Odata API introduces the following limitations:
+
+\begin{itemize}
+    \item Project
+    \begin{itemize}
+        \item Branch projects no longer export any branch information.  The branch information is
+        not available via the Odata API.
+    \end{itemize}
+\end{itemize}
+
+\begin{table}[h]
+    \caption{UseOdata Attributes}        
+    \begin{tabularx}{\textwidth}{cccl}
+        \toprule
+        \textbf{Attribute} & \textbf{Default} & \textbf{Required} & \textbf{Description}\\
+        \midrule
+        \texttt{Project} & False & No & \makecell[l]{Use the Odata API to retrieve SAST projects.}\\
+        \bottomrule
+    \end{tabularx}
+\end{table}
+
 \begin{xml}{CxSASTCredentials}{\expandsenv\encrypts}{}
 <CxSASTCredentials
     Username=""

manual/deploymentguide.tex

@@ -134,6 +134,12 @@ \subsection{SAST}
         \item Scan Results->View Results
     \end{itemize}
 
+    \item If you have \hyperref[sec:connection]{configured any APIs to use OData}, 
+    the CxAnalytix role should have the following additional permissions:
+    \begin{itemize}
+		\item API->Use Odata
+    \end{itemize}
+
 \end{itemize}
 
 \subsection{SCA}
@@ -143,7 +149,7 @@ \subsection{SCA}
 \begin{itemize}
     \item The service account should be assigned at a team level that allows visibility to all projects that require crawling. 
     Usually this is the \verb|/CxServer|
-    team but will depend on your configured team heirarchy. Any projects assigned to teams above or at a sibling level of the service account's assigned team 
+    team but will depend on your configured team hierarchy. Any projects assigned to teams above or at a sibling level of the service account's assigned team 
     will not be visible to crawling requests.
 
     \item A role named CxAnalytix should be created and assigned to the service account user. The role should have the following minimum permissions:

manual/release_notes-content.tex

@@ -10,6 +10,14 @@ \subsection*{FEATURES}
 \subsection*{UPDATES}
 \begin{itemize}
     \item Issue 225 - Documentation updates for required SAST user roles.
+    \\\\Additional roles are required to allow retrieval of the scan statistics data.
+
+    \item The OData API can be used in lieu of the REST API for some scenarios where the
+    REST API performs poorly.
+    \\\\Please review the configuration documentation sections to understand any limitations
+    introduced by using the OData API.  Additional security roles may be needed for
+    your service account to be able to use the OData API; please review the deployment
+    documentation to understand any required security role changes.
 \end{itemize}
 
 \section{2.1.1}