.gitlab-ci.yml
# Pipeline stages, run in the order listed: dependency analysis (SCA) first,
# then the Maven build, then the static-analysis uploads.
stages:
  - SCA
  - build
  - scan
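# Software composition analysis of the project's dependencies, using the CI
# agent script served from download.sourceclear.com.
Software Composition Analysis:
  # NOTE(review): the image tag is mutable; pinning it by digest
  # (maven:3.6.0-jdk-8@sha256:<IMAGE_DIGEST>) keeps the job reproducible.
  image: maven:3.6.0-jdk-8
  stage: SCA
  script:
    # Download to disk before running. With "curl ... | bash" a failed or
    # truncated download still ends with bash's exit status (an empty script
    # exits 0), so the SCA job could pass without having analysed anything.
    # --fail makes an HTTP error stop the job at this line.
    - curl --fail -sSL -o srcclr-ci.sh https://download.sourceclear.com/ci.sh
    # NOTE(review): the script is fetched unpinned on every run. Record the
    # digest of a reviewed copy and check it before execution, e.g.
    #   echo "<EXPECTED_SHA256>  srcclr-ci.sh" | sha256sum -c -
    - bash srcclr-ci.sh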
# Builds the application with Maven and publishes target/ as a job artifact;
# the jobs in the scan stage read target/verademo.war from it.
compile-application:
  stage: build
  image: maven:3.6.0-jdk-8
  # NOTE(review): "mvn clean" deletes target/ before building, so the cached
  # copy of target/ is discarded on every run. .m2/repository is only filled if
  # Maven is pointed at it (for example via maven.repo.local); nothing in this
  # file does that. Confirm it is set in the project's CI/CD variables.
  cache:
    paths:
      - target/
      - .m2/repository
  script:
    - mvn clean package
  artifacts:
    name: verademo_julian_10_build
    expire_in: 5 week
    paths:
      - target/
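# Runs the downloaded pipeline-scan.jar against the built WAR and keeps
# results.json as an artifact. Runs only for the development ref.
development-upload-for-sast:
  image: openjdk:11-jre
  stage: scan
  only:
    - development
  before_script:
    # --fail stops the job on an HTTP error instead of saving the error body
    # under the archive's name.
    # NOTE(review): "LATEST" changes without notice, and the unpacked jar runs
    # with the API credentials in scope. Record the digest of a reviewed release
    # and check it before unzip, e.g.
    #   echo "<EXPECTED_SHA256>  pipeline-scan-LATEST.zip" | sha256sum -c -
    - curl --fail -sSO https://downloads.veracode.com/securityscan/pipeline-scan-LATEST.zip
    - unzip pipeline-scan-LATEST.zip
  script:
    # Quoted so that an empty or whitespace-containing value cannot shift the
    # argument list. Keep both variables masked in the CI/CD settings.
    - java -jar pipeline-scan.jar -vid "${VERACODE_API_ID}" -vkey "${VERACODE_API_KEY}" --file target/verademo.war
  artifacts:
    # Artifacts are uploaded only on success by default; "always" keeps the
    # report when the scan step exits non-zero, which is presumably what it
    # does when it reports findings (confirm against the scanner's docs).
    when: always
    paths:
      - results.json
  # A failing scan is shown as a warning and does not fail the pipeline, so
  # findings on this branch have to be picked up from results.json.
  allow_failure: true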
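# Uploads the built WAR with the Veracode Java API wrapper (UploadAndScan) into
# the "gitlab-release" sandbox of the "Verademo" application. Runs only for the
# release ref.
release-upload-for-sast:
  image: openjdk:11-jre
  stage: scan
  only:
    - release
  before_script:
    # The URL is quoted so an unexpected value in VERACODE_WRAPPER_VERSION
    # cannot split the command into extra arguments.
    # NOTE(review): the jar is executed with the team credentials without any
    # integrity check; compare it against a digest recorded for the pinned
    # version, e.g.
    #   echo "<EXPECTED_SHA256>  VeracodeJavaAPI.jar" | sha256sum -c -
    - >-
      wget -q -O VeracodeJavaAPI.jar
      "https://repo1.maven.org/maven2/com/veracode/vosp/api/wrappers/vosp-api-wrappers-java/${VERACODE_WRAPPER_VERSION}/vosp-api-wrappers-java-${VERACODE_WRAPPER_VERSION}.jar"
  script:
    # Written as one folded scalar: the lines are joined with single spaces
    # into one command. The credentials are quoted so that an empty value
    # cannot shift the argument list; keep both variables masked and protected.
    - >-
      java -jar VeracodeJavaAPI.jar
      -vid "${TEAM_ANALYSISCENTER_ID}" -vkey "${TEAM_ANALYSISCENTER_KEY}"
      -action UploadAndScan -appname "Verademo" -createprofile true -autoscan true
      -sandboxname "gitlab-release"
      -filepath ./target/verademo.war
      -version "Job ${CI_JOB_ID} in pipeline ${CI_PIPELINE_ID}"
  # A failed upload or scan is shown as a warning and does not fail the
  # pipeline.
  allow_failure: true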
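# Uploads the built WAR with the Veracode Java API wrapper (UploadAndScan) to
# the "Verademo" application, with no sandbox. Runs for scheduled pipelines and
# for master. There is no allow_failure here, so a failing job fails the
# pipeline.
policy-upload-for-sast:
  image: openjdk:11-jre
  stage: scan
  only:
    - schedules
    - master
  before_script:
    # The URL is quoted so an unexpected value in VERACODE_WRAPPER_VERSION
    # cannot split the command into extra arguments.
    # NOTE(review): the jar is executed with the team credentials without any
    # integrity check; compare it against a digest recorded for the pinned
    # version, e.g.
    #   echo "<EXPECTED_SHA256>  VeracodeJavaAPI.jar" | sha256sum -c -
    - >-
      wget -q -O VeracodeJavaAPI.jar
      "https://repo1.maven.org/maven2/com/veracode/vosp/api/wrappers/vosp-api-wrappers-java/${VERACODE_WRAPPER_VERSION}/vosp-api-wrappers-java-${VERACODE_WRAPPER_VERSION}.jar"
  script:
    # Written as one folded scalar: the lines are joined with single spaces
    # into one command. The credentials are quoted so that an empty value
    # cannot shift the argument list; keep both variables masked and protected.
    # NOTE(review): -scantimeout 15 presumably makes the wrapper wait up to
    # 15 minutes for the scan result; confirm for the pinned wrapper version.
    - >-
      java -jar VeracodeJavaAPI.jar
      -vid "${TEAM_ANALYSISCENTER_ID}" -vkey "${TEAM_ANALYSISCENTER_KEY}"
      -action UploadAndScan -appname "Verademo" -createprofile true -autoscan true
      -filepath ./target/verademo.war
      -version "Job ${CI_JOB_ID} in pipeline ${CI_PIPELINE_ID}"
      -scantimeout 15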