Documentation Nexus IQ Server 1.34

Our documentation site has moved. For the most current version, please see http://help.sonatype.com

24.4. Example Evaluation

In an example scenario, let’s say you have copied the nexus-iq-cli-1.34.0.jar as well as the application you want to examine to a specific directory e.g. ~/nexus-iq-server-test. The application’s filename is sample-application.zip.

To evaluate this application you have to identify the application ID and supply it with the -i switch as well as supply the URL of your IQ Server with -s. As an option, and what is demonstrated below, you can also specify a particular stage.

The full command line for an Application ID Test123 and a URL of http://localhost:8070 is

java -jar ./nexus-iq-cli-1.34.0.jar -i Test123 -s http://localhost:8070
-t release sample-application.zip

To access help content for the Nexus IQ CLI, run it without supplying parameters:

java -jar ./nexus-iq-cli-1.34.0.jar

Go ahead and try an evaluation yourself. The Nexus IQ CLI will accept a number of file types, including jar, war, and zip files. If your evaluation is successful, the log output of the command execution will provide a summary as well as a link to the produced results similar to:

[INFO] Policy Action: Warning
[INFO] Summary of policy violations: 4 critical, 85 severe, 46 moderate
[INFO] The detailed report can be viewed online
at http://localhost:8070/ui/links/application/my-app/report/95c4c14e
figs/web/clm-server-scanner-violations-report.png

Figure 24.2. Violations Report After an Evaluation


[Note]

If using the Nexus IQ CLI, and you kept our defaults, the report will be listed under Build Violations. You should see something similar to the results displayed in Figure 24.2, “Violations Report After an Evaluation”.