Greenlight CI Tool Parameters

Veracode Greenlight

The only required parameters are --api_id and --api_secret_key.

| Parameter | Long Version | Definition/Options |
|---|---|---|
| -a | --analyze_only | Enter true to only analyze the existing results JSON file, as specified by json_output_file, for debug purposes, without checking the Git status or uploading anything. Default: false. |
| -b | --build_dir | List the directories, comma-separated and relative to the Git directory, where you want the build output to go. When scanning multiple directories, the results may not prepend the build directory to the filename, causing flaw location ambiguity. Default: build/classes/java/main. |
| -bp | --best_practices | Indicate if you want Greenlight to list any coding best practices found in the files. Default: true. |
| -c | --commit | Enter the commit hash that you want Greenlight to scan. Default: HEAD. |
| -cb | --callback_url | This location is the URL to which the results JSON files are posted. |
| -g | --git | Enter the Git repository directory. Defaults to the current directory ("."). |
| -h | --help | Lists all the possible commands and parameters for the Greenlight CI tool. |
| -i | --api_id | Required. Enter your Veracode API credentials username. |
| -ic | --issue_counts | Enter the number of issues (Y) for each severity level (X) at which you want the build to fail. Use 0 (zero) to ignore issues of a severity. If you do not provide a value for a severity, the default is 1. For example: "--issue_counts=2:0,1:0,0:0" ignores any flaws below severity 3. The default is to fail on 1 or more issues at severity 1 or above. Default: 5:1,4:1,3:1,2:1,1:1,0:0. |
| -id | --issue_details | Enter true to show the details for all the flaws and best practices that Greenlight found. Default: false. |
| -j | --jar | Scans the specified, pre-existing JAR file. Use instead of --commit_hash. The JAR cannot be bigger than 1 MB. Note: If you run the tool on JVM 9+, you may need to add --add-modules java.xml.bind to the java command, before the -jar option. |
| -jf | --json_output_file | The JSON output filename that Greenlight saves. Default: results.json. |
| -k | --api_secret_key | Required. Enter your Veracode API credentials secret key. |
| -op | --oversize_pass | Enter true to allow a build to succeed when the upload package or file exceeds the size limit for Greenlight scans. |
| -p | --project_name | Enter the project name if you want the findings included in the results summary and results JSON files that Greenlight stores for reporting purposes. |
| -r | --project_ref | Enter the source control reference, revision, or branch if you want the findings included in the results summary and results JSON files that Greenlight stores for reporting purposes. |
| -s | --source_dir | List the source code directories, comma-separated, relative to the Git directory that you want the tool to check. Default: src/main/java. |
| -sd | --summary_display | Indicate if you want to see the results summary on the console. Default: true. |
| -sf | --summary_output_file | Enter a filename for the summary output file that Greenlight saves if there are any findings. Default: results.txt. |
| -sj | --save_jar | Indicate if you want Greenlight to save the intermediate JAR file for debugging. Default: false. |
| -so | --summary_output | Indicate if you want Greenlight to save the results summary to file. Default: false. |
| -u | --project_url | Enter the project URL if you want the findings included in the results summary and results JSON that is stored by Greenlight for reporting purposes. |
| -v | --version | Display the CI tool version. |
| -x | --exclude | Enter the names and paths of any source files you want Greenlight to ignore. |
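
The --issue_counts rule described above, modelled as an added example (not Veracode's code) so that a threshold string can be checked before it goes into a pipeline. It assumes that severities omitted from the string keep the values of the documented default string and that a build fails when a severity's issue count reaches its threshold; the function names and sample counts are hypothetical.

```python
# Added example: models the --issue_counts rule from the parameter table.
# ASSUMPTION: severities left out of the spec keep the value from the
# documented default string (1 for severities 1-5, 0 for severity 0).
DEFAULT_SPEC = "5:1,4:1,3:1,2:1,1:1,0:0"


def parse_issue_counts(spec=""):
    """Turn 'X:Y,X:Y' into {severity: fail_threshold}, merged over the default."""
    thresholds = {}
    for source in (DEFAULT_SPEC, spec):
        for pair in filter(None, (p.strip() for p in source.split(","))):
            sev_text, sep, count_text = pair.partition(":")
            if not sep:
                raise ValueError(f"expected severity:count, got {pair!r}")
            sev, count = int(sev_text), int(count_text)
            # ASSUMPTION: severities run 0-5, as in the default string.
            if not 0 <= sev <= 5 or count < 0:
                raise ValueError(f"out-of-range value in {pair!r}")
            thresholds[sev] = count
    return thresholds


def failing_severities(spec, found):
    """Return the severities whose issue count reaches the fail threshold.

    found maps severity -> number of issues reported (constructed input;
    the results JSON layout is not described on this page).
    """
    thresholds = parse_issue_counts(spec)
    return sorted(
        (sev for sev, n in found.items()
         if thresholds.get(sev, 0) > 0 and n >= thresholds[sev]),
        reverse=True,
    )


if __name__ == "__main__":
    found = {4: 1, 2: 3, 0: 7}  # constructed sample counts per severity
    for spec in ("", "2:0,1:0,0:0", "4:2,2:4"):
        bad = failing_severities(spec, found)
        print(f"--issue_counts={spec or DEFAULT_SPEC!r}: "
              f"{'FAIL on ' + str(bad) if bad else 'pass'}")
```

A threshold of 0 silences a severity entirely, so a string such as "5:0,4:0,3:0,2:0,1:0,0:0" turns the gate off.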