Logo Sonatype CLM Sonatype CLM - CI User Guide
Documentation Index
Sonatype CLM Downloads
Document Descriptions
Release Notes

Sonatype CLM Server
Installation and Deployment Guide
Security Administration Guide
Policy Management Guide
Report User Guide

CI User Guide

IDE User Guide

Repository Manager User Guide

Nine Steps For Open Source Governance
Optimized Component Lifecycle Management with Sonatype CLM

Sonatype CLM - CI User Guide

4.1. CLM Maven Plugin Introduction

A Sonatype CLM evaluation of a Maven based software project can be assisted by the Sonatype CLM Maven plugin. It can take advantage of the dependency information contained in the project’s pom.xml files and the information about transitive dependencies available to Maven. It can be run on a command line interface and can therefore be executed on any continuous integration server.

When using the plugin on a multi-module project in most cases you will only configure an execution for the modules that produce components that will be deployed as an application. Typically these are ear files or war files for deployment on application servers or tar.gz or other archives that are used for production deployments or distribution to users. However you can also analyze a all modules of a project. This will largely depend on what your CLM policy is enforcing and what you want to validate.

The index goal of the plugin allows you to prepare data for analysis with Sonatype CLM for CI.

The attach goal aids your integration with Sonatype Nexus CLM Edition and the release process using the staging tools of Nexus.

The evaluate goal can trigger an evaluation directly against a Sonatype CLM server.

The help goal provides documentation for all the goals and parameters and you can invoke it with an execution like

mvn com.sonatype.clm:clm-maven-plugin:2.1.1:help

The following sections detail a these goals and their usage.