added script for Veracode Agent-Based Scan Software Composition Analysis

2025-07-31 17:39:05 +00:00 · 2020-08-18 16:39:16 +03:00
parent 140ee10d05
commit 4cbec1b256
2 changed files with 16 additions and 2 deletions
--- a/.travis.yml
+++ b/.travis.yml
@@ -108,8 +108,7 @@ jobs:

    - name: "Source Clear Scan (SCA)"
      stage: Security Scans
-      script:
-       - echo "Source Clear Scan (SCA)"
+      script: travis_wait 30 bash scripts/source_clear.sh
    - name: "Static Analysis (SAST)"
      stage: Security Scans
      script:
--- a/scripts/source_clear.sh
+++ b/scripts/source_clear.sh
@@ -0,0 +1,15 @@
+#!/usr/bin/env bash
+# fail script immediately on any errors in external commands and print the lines
+set -ev
+
+mvn -B -q clean install \
+    -DskipTests \
+    -Dmaven.javadoc.skip=true \
+    com.srcclr:srcclr-maven-plugin:scan \
+    -Dcom.srcclr.apiToken=$SRCCLR_API_TOKEN > scan.log
+
+SUCCESS=$?   # this will read exit code of the previous command
+
+cat scan.log | grep -e 'Full Report Details' -e 'Failed'
+
+exit ${SUCCESS}