Documentation Nexus IQ Server 1.16

Our documentation site has moved. For the most current version, please see http://help.sonatype.com

20.3. Evaluating an Application

Now that you have Sonatype CLM for CLI set up, you are ready to evaluate an application. Because Sonatype CLM for CLI is a Java application, you start it with the java command and the necessary parameters. The syntax below represents the minimum set of options required to evaluate an application:

java -jar [scanner jar] -i [application id] -s [server URL] [target]
scanner jar
This is the path to the Sonatype CLM for CLI (scanner) jar file, e.g. ./sonatype-clm-scanner.jar.
--authentication
Using the switch -a, enter the user name:password (e.g. MyUserName:MyUserPassword).
[Note]

Authentication controls whether you can submit an application for evaluation and retrieve the summary results and URL. At this time, it is not required.

--application-id
Using the switch -i, enter the application id for your application (see instructions above).
--server-url
Using the switch -s, enter the location of your CLM server (e.g. http://localhost:8070).
Target
This is the path to a specific application archive file or a directory containing such archives. A number of formats are supported, including jar, war, ear, tar, tar.gz, zip and many others.
[Tip]

You can specify the CLM stage with one of the options listed below. If you do not include this option, the system defaults to the Build stage.

20.3.1. Additional Options

There are several additional options that can be used when constructing the command to evaluate an application with Sonatype CLM for CLI.

--fail-on-policy-warnings
Using the switch -w causes the evaluation to fail if any warnings are encountered. By default, this is set to false.
--ignore-system-errors
Using the switch -e, you can ignore any system errors (e.g. IO, network, server, etc.). This is most helpful when using Sonatype CLM for CLI with continuous integration servers, as these errors can cause the unintentional failure of a build.
--proxy
Using the switch -p, you can specify a proxy to use in connecting to the CLM Server. The format is <host[:port]>.
--proxy-user
Using the switch -U, you can specify credentials for the proxy. The format is <username:password>.
--result-file
Using the switch -r, you can specify the name and location of a JSON file that will store the results of the policy evaluation in a machine-readable format.
--stage
Using the switch -t, you can specify the Sonatype CLM stage you wish the report to be associated with. This is an optional parameter, and if it is not specified, the report will be associated with the Build stage by default.
[Note]

At this time, only the Build, Stage Release, and Release stages will display a report in the CLM Reports Dashboard. For a full list of stages, use the CLI help provided with the tool.
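
A CI wrapper that assembles the invocation from the switches described in this section, as an added example that is not part of the Sonatype documentation. The CLM_* environment variable names and the clm_evaluate function are assumptions of this example; setting CLM_DRY_RUN=1 prints the arguments instead of starting java.

```sh
#!/bin/sh
# Added example. Only the switches (-i -s -a -p -U -t -r -w -e) come from the
# documentation above; every CLM_* variable name is an assumption of this script.

clm_evaluate() {
    target=${1:-}
    # Minimum syntax: scanner jar, application id, server URL and a target.
    [ -n "${CLM_SCANNER_JAR:-}" ] && [ -n "${CLM_APP_ID:-}" ] \
        && [ -n "${CLM_SERVER_URL:-}" ] && [ -n "$target" ] || {
        echo "clm_evaluate: set CLM_SCANNER_JAR, CLM_APP_ID, CLM_SERVER_URL and pass a target" >&2
        return 2
    }
    set -- -i "$CLM_APP_ID" -s "$CLM_SERVER_URL"

    # Credentials are read from the environment (filled by the CI secret store)
    # so they never appear in the script text. Authentication is optional.
    if [ -n "${CLM_USER:-}" ] && [ -n "${CLM_PASSWORD:-}" ]; then
        set -- "$@" -a "$CLM_USER:$CLM_PASSWORD"
    fi
    # Proxy as host[:port] and proxy credentials as username:password.
    [ -z "${CLM_PROXY:-}" ] || set -- "$@" -p "$CLM_PROXY"
    [ -z "${CLM_PROXY_USER:-}" ] || set -- "$@" -U "$CLM_PROXY_USER"

    # Stage name as the CLI accepts it (see its help); left out means Build.
    [ -z "${CLM_STAGE:-}" ] || set -- "$@" -t "$CLM_STAGE"
    # JSON results file for later pipeline steps.
    [ -z "${CLM_RESULT_FILE:-}" ] || set -- "$@" -r "$CLM_RESULT_FILE"

    # -w: policy warnings fail the evaluation.
    [ "${CLM_FAIL_ON_WARNINGS:-0}" != 1 ] || set -- "$@" -w
    # -e is opt-in here: with it, an IO or network error no longer fails the
    # job, so a build can pass without having been evaluated at all.
    [ "${CLM_IGNORE_SYSTEM_ERRORS:-0}" != 1 ] || set -- "$@" -e

    set -- "$@" "$target"
    if [ "${CLM_DRY_RUN:-0}" = 1 ]; then
        printf '%s\n' "$@"    # one argument per line, nothing is executed
        return 0
    fi
    java -jar "$CLM_SCANNER_JAR" "$@"
}
```

Call it as clm_evaluate ./target/app.war from the build step; the function returns the exit status of the java process.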