Authenticate and analyze

Once the Contrast CLI is installed with a valid set of credentials and a correct application ID, you can analyze applications and see the results in Contrast. It is recommended that the CLI is invoked as part of a CI pipeline so that running it is automated as part of your build process.

To analyze an application, use the Run command:

contrast-cli 
 --cli_api_key <YourAPIKey>\ 
 --cli_authorization <YourAuthorizationKey>\ 
 --cli_organization_id <YourOrganizationID>\ 
 --cli_host <YourHost>\
 --cli_application_id <YourApplicationID>

YAML option

Place credentials within a YAML file:

cli:
     cli_api_key: YourAPIKey
     cli_authorization: YourAuthorizationKey
     cli_organization_id: YourOrganizationID
     cli_host: YourHost
     cli_application_name: YourApplicationName
     cli_language: YourApplicationLanguage
     cli_application_id: YourApplicationID

Run the following command to initiate:

contrast-cli --yamlPath path/to/yaml

Communication protocol

If you need to go through a communication protocol like Transport Layer Security (TLS) for example add the following parameters to the YAML file:

key: pathToKey
cert: pathToCert
cacert: pathToCaCert

After you see a SUCCESS message, you are ready to view dependency trees.