From 4cbec1b256d985a2a0d9ebcbfc9e452f553435d3 Mon Sep 17 00:00:00 2001
From: Claudia Agache
Date: Tue, 18 Aug 2020 16:39:16 +0300
Subject: [PATCH] added script for Veracode Agent-Based Scan Software Composition Analysis
---
 .travis.yml | 3 +--
 scripts/source_clear.sh | 15 +++++++++++++++
 2 files changed, 16 insertions(+), 2 deletions(-)
 create mode 100644 scripts/source_clear.sh
diff --git a/.travis.yml b/.travis.yml
index 1ede9fe6aa..3c2eedeb11 100644
--- a/.travis.yml
+++ b/.travis.yml
@@ -108,8 +108,7 @@ jobs:
 - name: "Source Clear Scan (SCA)"
 stage: Security Scans
- script:
- - echo "Source Clear Scan (SCA)"
+ script: travis_wait 30 bash scripts/source_clear.sh
 - name: "Static Analysis (SAST)"
 stage: Security Scans
 script:
diff --git a/scripts/source_clear.sh b/scripts/source_clear.sh
new file mode 100644
index 0000000000..d3e9f09504
--- /dev/null
+++ b/scripts/source_clear.sh
@@ -0,0 +1,15 @@
+#!/usr/bin/env bash
+# fail script immediately on any errors in external commands and print the lines
+set -ev
+
+mvn -B -q clean install \
+ -DskipTests \
+ -Dmaven.javadoc.skip=true \
+ com.srcclr:srcclr-maven-plugin:scan \
+ -Dcom.srcclr.apiToken=$SRCCLR_API_TOKEN > scan.log
+
+SUCCESS=$? # this will read exit code of the previous command
+
+cat scan.log | grep -e 'Full Report Details' -e 'Failed'
+
+exit ${SUCCESS}
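Review bot: The new `script:` line runs scripts/source_clear.sh on every build of this job, and that script depends on `$SRCCLR_API_TOKEN`. If the token is stored as a Travis secure variable (not visible in this hunk), it is not exposed to pull-request builds from forks, so the job would run with an empty token and fail for outside contributors. Consider gating the job with a condition such as `if: fork = false` next to `stage: Security Scans`. The `jobs:` list starts and continues outside this hunk, so a condition defined elsewhere may already cover this.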
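Review bot: With `set -e` in effect, a failing `mvn` aborts the script before `SUCCESS=$?` runs, so the captured code is always 0 and the scan.log summary is never printed on the runs that need it. Conversely, a clean scan whose log matches neither pattern makes `grep` return 1 and fails the job. Capture the status explicitly: `SUCCESS=0` before the Maven call, `... > scan.log || SUCCESS=$?` on its last line, and `grep -e 'Full Report Details' -e 'Failed' scan.log || true`. Separately, `com.srcclr:srcclr-maven-plugin:scan` names no version, so whatever release resolves at build time runs with the API token; pinning it as `com.srcclr:srcclr-maven-plugin:<PINNED_VERSION>:scan` keeps the scan reproducible. `$SRCCLR_API_TOKEN` should also be quoted, and since a `-D` argument puts the token in the process argument list, the flag could be dropped if the plugin reads the `SRCCLR_API_TOKEN` environment variable itself (worth confirming in its documentation).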