Feature Focus: How to use Command Line’s .properties file
To simplify use of the CAST Highlight command line and scale code scan deployments across CI/CD pipelines, you can use the .properties files. This tutorial explains how.
Why use .properties files with the command line
CAST Highlight users often use the command line instead of the local agent especially when automating CAST Highlight scans as part of a build chain. While it is possible to do so with previous versions of the command line, users have to configure the option values – such as the result upload and folder exclusion values – for each application or technology context. In scenarios requiring large numbers of application scans to configure, it is simpler to centralize the different options of the command line into a single file that can be saved and included in source repositories so that settings are available as a reference for future scans.
How to use a .properties file with the command line
When running the command line, simply add the –propertiesPath option with the path to your .properties file. The command line will read the content of this file with the different scan/upload options and values.
You can also have multiple .properties files as templates in your repositories for the different scan use cases you may have (e.g., no-third-parties.properties, test-generate-local-results.properties, or simply highlight.properties).
> java -jar HighlightAutomation.jar --propertiesPath “C:\app\src\highlight.properties”
Sample .properties file
You can download a sample highlight.properties file from this link or just copy/paste the snippet below.