Installing and Configuring the Maven Plugin

Use the following steps to install and configure the Code Insight Maven plugin.

To install and configure the Code Insight Maven plugin, do the following:

1. From the CodeInsightversionPlugins.zip file that was downloaded from the Product and License Center, extract the Maven plugin subdirectory (code-insight-maven-plugin) to a location on your local disk. The recommended location to which to extract this subdirectory is the application project directory.

2. Execute the following commands to install the plugin into the Maven local repository:

   • mvn install:install-file Dfile="$ <PROJECT_DIRECTORY>/code-insight-maven-plugin/lib/code-insight-maven-scan- <PLUGIN_VERSION>.jar" -DpomFile="$ <PROJECT DIRECTORY>/code-insight-maven-plugin/lib/pom.xml" -DgroupId=com.flexnet.maven -DartifactId=code-insight-maven-scan -Dversion= <PLUGIN_VERSION> -Dpackaging=jar

   • mvn install:install-file -Dfile="$ <PROJECT_DIRECTORY>/code-insight-maven-plugin/lib/codeinsight-agent- <AGENT_VERSION>.jar" -DgroupId=com.flexnet.codeinsight -DartifactId=codeinsight-agent -Dversion= <AGENT_VERSION> -Dpackaging=jar

   • Note the following variables:

   • $ <PROJECT DIRECTORY> is your application project directory (or the local directory to which you extracted the plugin).

   • <PLUGIN_VERSION> is the latest version of the code-insight-maven-scan jar file.

   • <AGENT_VERSION> is the latest version of the codeinsight-agent jar file.

3. Add the following information to your application pom.xml file. Refer to Plugin and Code Insight Server Settings for a description of the values you need to provide for the plugin and fnciServerSettings sections.

   <plugin>
     <groupId>com.flexnet.maven</groupId>
     <artifactId>code-insight-maven-scan</artifactId>
     <version>latest_codeinsight_maven_scan_jar_version</version>
     <inherited>false</inherited>
     <executions>
       <execution>
         <phase>install</phase>
         <goals>
           <goal>code-insight-scan</goal>
         </goals>
       </execution>
     </executions>
     <configuration>
       <fnciServerSettings>
         <fnciServer>server_url</fnciServer>
         <fnciAuthToken>Bearer server_authentication_token_value</fnciAuthToken>
         <fnciProjectName>codeinsight_project_name</fnciProjectName>
         <alias>scan_agent_alias<alias>
         <pluginRootPath>plugin_root_path</pluginRootPath>
         <pluginProjectName>plugin_project_name</pluginProjectName>
         <pluginDescription>any_plugin_description</pluginDescription>
         <pluginPathPrefix>plugin_path_prefix</pluginPathPrefix>
       </fnciServerSettings>
     </configuration>
   </plugin> 

Plugin and Code Insight Server Settings

The following describes the settings that you need to define in the plugin and fnciServerSettings sections of the information you are adding to the application pom.xml file (as described in Step 3 of the previous procedure).

Setting	Description
version	The version of the code\-insight\-maven\-scan\-<VERSION>\.jar file included with the current plugin (for example, 1\.0\.2 ).
fnciServer	(Required) The URL path to the Code Insight server in the following format: http://<CODE_INSIGHT_SERVER_HOST_NAME>:<PORT_NUMBER>/codeinsight/
fnciAuthToken	(Required) The JSON Web Token (JWT) used to authorize user access to the Code Insight functionality. Generate this token using the Code Insight Web UI and then copy and paste it here. Be sure to include the command “Bearer” followed by the token value, as in the example: Bearer eyJhbGciOiJIUzUxMiJ9\.eyJzdWIiOiJhZG1pbiIsInVzZXJJZCI6MSwia For information about generating this token, see Providing an Authorization Token.
fnciProjectName	(Required) The name of the Code Insight project created on the Code Insight server for your application codebase scans.
alias	A name that you define for the scan-agent plugin. The alias is used to represent the “container” (scan root) under which all the files scanned in this instance will be listed in the API output and in the file tree in the Analysis Workbench . This name must be unique within the project.
pluginRootPath	Currently not used.
pluginProjectName	(Optional) The name of the application project being scanned. This name will appear, along with the Code Insight project name, in the Last Scan field on the on the Summary tab for the project in the Code Insight user interface. It provides a reference to help a reviewer or developer identify what codebase was scanned.
pluginDescription	(Optional) A description of the application project being scanned. This text will appear in the Description field on the Summary tab for the project in the Code Insight user interface.
pluginPathPrefix	(Optional) The path prefix for the codebase files being scanned. This prefix is used to reference the codebase file paths on the Project report generated from the Summary tab for the project in the Code Insight user interface.

Important Note About Scanning Dependencies

Previous versions (1.x) of the Maven scan-agent plugin scanned both the dependencies section and the ${project.build.directory} of the Maven project. The current plugin version (2.x), introduced in Code Insight 2020 R3, scans only the ${project.build.directory}. Refer to the Maven documentation for instructions on how to include dependencies as a part of build directory. An example install command for including dependencies might be:

maven-dependency-plugin install copy-dependencies ${project.build.directory}/project-dependencies