In an example scenario, let’s say you have copied the sonatype-clm-scanner.jar
as well as the application you want to examine to a specific directory e.g.
~/clm-test
. The application’s filename is sample-application.zip
.
To evaluate this application you have to identify the Sonatype CLM Application
ID and supply it with the -i
switch as well as supply the URL of your CLM
server with -s
. As an option, and what is demonstrated below, you can also
specify a particular stage.
The full command line for an Application ID Test123
and a URL of
http://localhost:8070
is
java -jar ./sonatype-clm-scanner.jar -i Test123 -s http://localhost:8070 -t release sample-application.zip
To access help content for Sonatype CLM for CLI, run it without supplying parameters:
java -jar ./sonatype-clm-scanner.jar
Go ahead and try an evaluation yourself. Sonatype CLM for CLI will accept a number of file types, including jar, war, and zip files. If your evaluation is successful, the log output of the command execution will provide a summary as well as a link to the produced results similar to:
[INFO] Policy Action: Warning [INFO] Summary of policy violations: 4 critical, 85 severe, 46 moderate [INFO] The detailed report can be viewed online at http://localhost:8070/ui/links/application/my-app/report/95c4c14e
If using Sonatype CLM for CLI, and you kept our defaults, the report will be listed under Build Violations. You should see something similar to the results displayed in Figure 20.2, “Violations Report After an Evaluation”. |
Terms of Service Privacy Policy
Copyright ©
2008-present, Sonatype Inc. All rights reserved. Includes the
third-party code listed here. Sonatype and Sonatype Nexus are trademarks
of Sonatype, Inc. Apache Maven and Maven are trademarks of the Apache
Software Foundation. M2Eclipse is a trademark of the Eclipse Foundation.
All other trademarks are the property of their respective owners.
Sonatype Headquarters - 8161
Maple Lawn Blvd #250, Fulton, MD 20759
Tysons Office - 8251 Greensboro Drive #610, McLean, VA
22102
Australia Office - 5 Martin Place, Level 14, Sydney 2000, NSW, Australia