diff --git a/pom.xml b/pom.xml
index e472e2605..1ab4d96ac 100644
--- a/pom.xml
+++ b/pom.xml
@@ -20,7 +20,6 @@
http://ec2-107-23-150-171.compute-1.amazonaws.com:8070/
ec2-107-23-150-171.compute-1.amazonaws.com
stage-release
- false
17
@@ -149,28 +148,6 @@
-
-
- org.apache.maven.plugins
- maven-dependency-plugin
-
-
- dependency-copy-dependencies
- generate-resources
-
- copy-dependencies
-
-
- ${project.build.directory}/lib
- false
- compile
-
-
-
-
-
com.sonatype.clm
@@ -179,13 +156,19 @@
${artifactId}
stage-release
- true
- package
+ sonatype-prepare
+ test-compile
+
+ evaluate
+
+
+
+ sonatype-reevaluate-after-run
+ prepare-package
- index
evaluate
@@ -211,8 +194,8 @@
-Dsonatype.runtime.agent.iq.protocol=http
-Dsonatype.runtime.agent.iq.host=ec2-107-23-150-171.compute-1.amazonaws.com
-Dsonatype.runtime.agent.iq.port=8070
- -Dsonatype.runtime.agent.iq.user=IQ_USER
- -Dsonatype.runtime.agent.iq.password=IQ_PASSWORD
+ -Dsonatype.runtime.agent.iq.user=${env.IQ_USER}
+ -Dsonatype.runtime.agent.iq.password=${env.IQ_PASSWORD}
-Dsonatype.runtime.agent.iq.applicationId=spring-petclinic-runtime-agent
-Dsonatype.runtime.agent.isIqApplicationIdPublic=true
-Dsonatype.runtime.agent.blockedRunOnStartup=true
diff --git a/readme.md b/readme.md
index 3f49a71a2..bfd6ff3ee 100644
--- a/readme.md
+++ b/readme.md
@@ -14,7 +14,8 @@ Spring Petclinic is a [Spring Boot](https://spring.io/guides/gs/spring-boot) app
git clone https://github.com/spring-projects/spring-petclinic.git
cd spring-petclinic
-# This runs the integration tests which invoke vulnerable methods and the runtime labels set in IQ on:
+# This runs the integration tests which will invoke some vulnerable methods as part of tests coverage and the
+# runtime labels set in IQ on:
# - ch.qos.logback : logback-core : 1.4.11
# - ch.qos.logback : logback-classic : 1.4.11
# - org.springframework : spring-core : 6.1.1
@@ -22,7 +23,7 @@ cd spring-petclinic
# Note: Change the path the runtime-agent-1.0.7.jar as necessary
# After starting the app, by navigating to http://localhost:8080/vets.html invokes vulnerable method call.
-# This will log the method call and set the runtime labels in IQ.
+# This will log additional vulnerable method calls that were not covered by unit tests and sets the runtime labels in IQ.
# If the label is already set due to integration tests, it will log as such.
# If needed, the labels can be deleted manually in IQ before starting the app.
java -javaagent:../runtime-agent-1.0.7.jar \
@@ -31,8 +32,8 @@ java -javaagent:../runtime-agent-1.0.7.jar \
-Dsonatype.runtime.agent.iq.protocol=http \
-Dsonatype.runtime.agent.iq.host=ec2-107-23-150-171.compute-1.amazonaws.com \
-Dsonatype.runtime.agent.iq.port=8070 \
- -Dsonatype.runtime.agent.iq.user=IQ_USER \
- -Dsonatype.runtime.agent.iq.password=IQ_PASSWORD \
+ -Dsonatype.runtime.agent.iq.user=${IQ_USER} \
+ -Dsonatype.runtime.agent.iq.password=${IQ_PASSWORD} \
-Dsonatype.runtime.agent.iq.applicationId=spring-petclinic-runtime-agent \
-Dsonatype.runtime.agent.isIqApplicationIdPublic=true \
-Dsonatype.runtime.agent.blockedRunOnStartup=true \