Conda Application Analysis
NEW IN RELEASE 88
What is supported
Files named conda.txt will be analyzed. Only requirements using the "=" operator and version without wildcards will be considered.
Integrations with Conda scanning support
- CLI from version 88
- Jenkins from version 3.9.20200623-110149.2e546a0
- Bamboo from version 1.16.0
Steps to analyze using the CLI
Run conda list command with the flag -e (export).
conda list -e > conda.txt
The conda.txt encoding is UTF-8. Special note for Microsoft Windows users, the cmd.exe encoding may need to be changed to UTF-8. Please refer to Microsoft documentation on how to do this.
Example conda.txt file
# platform: linux-64 asn1crypto=0.24.0=py37_0 ca-certificates=2019.1.23=0 certifi=2019.3.9=py37_0 cryptography=2.4.2=py37h1ba5d50_0 libedit=3.1.20181209=hc058e9b_0 openssl=1.1.1b=h7b6447c_1
Run a scan
Invoke a CLI scan of a directory or subdirectories containing a conda.txt file. Instructions on how to do this can be found here: Nexus IQ CLI.
Output from cli
Steps to analyze using the Jenkins plugin
By default, the Jenkins plugin will not evaluate the conda.txt file. A custom Scan Target is needed.
nexusPolicyEvaluation iqApplication: 'SampApp', iqScanPatterns: [[scanPattern: '**/conda.txt']], iqStage: 'build'
To find more information on how to configure Jenkins please go to the Nexus Platform Plugin for Jenkins.
Steps to analyze using the Bamboo plugin
Bamboo Scan Targets control what files are examined. To evaluate Conda, add conda.txt to the scan targets via "**/conda.txt". To find more information on how to configure Bamboo please go to the Nexus IQ for Bamboo.