Sonatype CLM Server - Policy Management Guide

7.12. Summary

It can be easy to forget about policy elements, and in most cases these should be reserved for more advanced users. For example, deciding what labels to use and binding them to a specific process is very important in helping to ensure they aren’t overused. Equally important is creating tags that will provide an automatic evaluation of applications against policies with matching tags. In the case of license threat groups, you likely want to consult your legal team to make sure you remain compliant with the parameters they have established. In fact, if you haven’t already, they should be included in your policy development discussions.

As far as this section goes, here’s what you should have taken away.

  • Understand policy elements (labels, license threat groups, and tags).
  • Create a label and a condition based on it.
  • Create a license threat group and a condition based on it.
  • Create tags at the organization level, and apply to applications.
  • Understand the impact of matching policies to applications using tags.