The only required parameters are --api_id and --api_secret_key.
|-a||--analyze_only||Enter true to only analyze the existing results JSON file, as specified by json_output_file, for debug purposes, without checking the Git status or uploading anything. Default: false.|
|-b||--build_dir||List the directories, comma-separated and relative
to the Git directory, where you want the build output to go. When scanning multiple
directories, the results may not prepend the build directory to the filename, causing
flaw location ambiguity. Default: build/classes/java/main.
|-bp||--best_practices||Indicate if you want Greenlight to list any coding best practices found in the files. Default: true.|
|-c||--commit||Enter the commit hash that you want Greenlight to scan. Default: HEAD.|
|-cb||--callback_url||This location is the URL to which the results JSON files are posted.|
|-g||--git||Enter the Git repository directory. Defaults to the current directory (".").|
|-h||--help||Lists all the possible commands and parameters for the Greenlight CI tool.|
|-i||--api_id||Required. Enter your Veracode API credentials username.|
|-ic||--issue_counts||Enter the number of issues (Y) for each severity level (X) at which you want the build to fail. Use 0 (zero) to ignore issues of a severity. If you do not provide a value for a severity, the default is 1. For example: "--issue_counts=2:0,1:0,0:0" ignores any flaws below severity 3. The default is to fail on 1 or more issues at severity 1 or above. Default: 5:1,4:1,3:1,2:1,1:1,0:0.|
|-id||--issue_details||Enter true to show the details for all the flaws and best practices that Greenlight found. Default: false.|
|-j||--jar||Scans the specified, pre-existing JAR file. Use
instead of --commit_hash. The JAR cannot be bigger than 1 MB.
Note: If you run the tool on JVM 9+, you may need to add --add-modules java.xml.bind to the java command, before the -jar option.
|-jf||--json_output_file||The JSON output filename that Greenlight saves. Default: results.json.|
|-k||--api_secret_key||Required. Enter your Veracode API credentials secret key.|
|-op||--oversize_pass||Enter true to allow a build to succeed when the upload package or file exceeds the size limit for Greenlight scans.|
|-p||--project_name||Enter the project name if you want the findings included in the results summary and results JSON files that Greenlight stores for reporting purposes.|
|-r||--project_ref||Enter the source control reference, revision, or branch if you want the findings included in the results summary and results JSON files that Greenlight stores for reporting purposes.|
|-s||--source_dir||List the source code directories, comma-separated, relative to the Git directory that you want the tool to check. Default: src/main/java.|
|-sd||--summary_display||Indicate if you want to see the results summary on the console. Default: true.|
|-sf||--summary_ output_file||Enter a filename for the summary output file that Greenlight saves if there are any findings. Default: results.txt.|
|-sj||--save_jar||Indicate if you want Greenlight to save the intermediate JAR file for debugging. Default: false.|
|-sl||--scan_language||Indicate which language files to check for changes and potentially submit for scanning, java or js. Default: java.|
|-so||--summary_output||Indicate if you want Greenlight to save the results summary to file. Default: false.|
|-u||--project_url||Enter the project URL if you want the findings included in the results summary and results JSON that is stored by Greenlight for reporting purposes.|
|-v||--version||Display the CI tool version.|
|-x||--exclude||Enter the names and paths of any source files you want Greenlight to ignore.|