Documentation Nexus IQ Server 1.18

Our documentation site has moved. For the most current version, please see http://help.sonatype.com

14.3. Adding the Sonatype CLM Analysis Task

So now it’s time to put everything you did to install and configure Sonatype CLM for Bamboo to good use, and add a Sonatype CLM Analysis Task.

The Sonatype CLM Analysis Task is available once you’ve installed and configured the Sonatype CLM Addon. The following steps will walk you through adding this new task to a job.

  1. After navigating into a Bamboo Project > Plan > Stage > and then Job, click on the Add task button.

    figs/web/bamboo-add-task.png
  2. A modal will display offering a list of Task Types. The Sonatype CLM Analysis Task is listed in the Test type, or you can simply use search.

    figs/web/bamboo-select-sonatype-task.png
  3. Enter the following information:

    Task Description
    A simple description to remember what the task does.
    CLM Application
    The list of CLM Applications corresponds to the account used during CLM for Bamboo configuration. Remember, this is the CLM Application containing the policies that components in the build will be evaluated against.
    Fail build when CLM is unable to evaluate

    Check this option if you want to fail the build when a CLM evaluation can’t be performed. Once checked, if for any reason the evaluation is not generated, the build will be failed. An example of this might be if the CLM server is inaccessible. In the same example, but where the Fail the build option is left unchecked, the build would continue as it would have normally.

    [Tip]

    In any case where CLM is unable to evaluate an application, details are provided in the job/build-specific log.

    CLM Stage
    This corresponds to the stage you wish the policy evaluation of the application/project to be run against. Additionally, this will correspond to the stage location when viewing report information via the CLM Server. For example, if you chose the Build stage, summary and dashboard violation results will be displayed accordingly.
    Scan Targets
    The scan targets setting allows you to control which files should be examined with an Apache Ant styled pattern. The pattern is relative to the project workspace root directory and inherits the global configuration.
    Module Excludes
    If you are using the Sonatype CLM for Maven plugin, module files are created, and can contribute to results found during an evaluation. For information on how to exclude these files, please see the Excluding Module Information Files in Continuous Integration Tools of the Sonatype CLM for Maven chapter.
    figs/web/bamboo-sonatype-task-form.png
  4. Click the "Save' button.

    figs/web/bamboo-task-added.png