From 050830cab42163996e7a6c201ff15af5be50cca7 Mon Sep 17 00:00:00 2001
From: Claudia Agache
Date: Tue, 18 Aug 2020 16:39:16 +0300
Subject: [PATCH 1/2] added script for Veracode Agent-Based Scan Software Composition Analysis
---
 .travis.yml | 3 +--
 scripts/source_clear.sh | 15 +++++++++++++++
 2 files changed, 16 insertions(+), 2 deletions(-)
 create mode 100644 scripts/source_clear.sh
diff --git a/.travis.yml b/.travis.yml
index 1ede9fe6aa..3c2eedeb11 100644
--- a/.travis.yml
+++ b/.travis.yml
@@ -108,8 +108,7 @@ jobs: - name: "Source Clear Scan (SCA)" stage: Security Scans - script: - - echo "Source Clear Scan (SCA)" + script: travis_wait 30 bash scripts/source_clear.sh - name: "Static Analysis (SAST)" stage: Security Scans script:
diff --git a/scripts/source_clear.sh b/scripts/source_clear.sh
new file mode 100644
index 0000000000..d3e9f09504
--- /dev/null
+++ b/scripts/source_clear.sh
@@ -0,0 +1,15 @@
+#!/usr/bin/env bash
+# fail script immediately on any errors in external commands and print the lines
+set -ev
+
+mvn -B -q clean install \
+ -DskipTests \
+ -Dmaven.javadoc.skip=true \
+ com.srcclr:srcclr-maven-plugin:scan \
+ -Dcom.srcclr.apiToken=$SRCCLR_API_TOKEN > scan.log
+
+SUCCESS=$? # this will read exit code of the previous command
+
+cat scan.log | grep -e 'Full Report Details' -e 'Failed'
+
+exit ${SUCCESS}
From 5aaf2ef330dfffa8868981060a59083ea56ffb95 Mon Sep 17 00:00:00 2001
From: Claudia Agache
Date: Wed, 19 Aug 2020 08:34:08 +0300
Subject: [PATCH 2/2] exclude rm-automation and rm-benchmark from scan
---
 scripts/source_clear.sh | 1 +
 1 file changed, 1 insertion(+)
diff --git a/scripts/source_clear.sh b/scripts/source_clear.sh
index d3e9f09504..85576d3ad1 100644
--- a/scripts/source_clear.sh
+++ b/scripts/source_clear.sh
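Review bot: In the new scripts/source_clear.sh (patch 1/2), `SUCCESS=$?` can never hold a failure status, because `set -e` ends the script as soon as the `mvn … > scan.log` command returns non-zero. A failed scan still fails the job, but the `grep` for 'Failed' never runs, and with `-q` plus the redirect nothing from scan.log reaches the build log. Capture the status on the command itself, with `SUCCESS=0` before the call and `> scan.log || SUCCESS=$?` at its end, and keep the filter from aborting the script with `grep -e 'Full Report Details' -e 'Failed' scan.log || true`. Separately, `$SRCCLR_API_TOKEN` is unquoted and passed on the Maven command line; if the plugin can read the token from the environment (to be confirmed against its documentation), dropping the `-Dcom.srcclr.apiToken` argument keeps the secret out of the process list.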
@@ -5,6 +5,7 @@ set -ev
 mvn -B -q clean install \
 -DskipTests \
 -Dmaven.javadoc.skip=true \
+ -pl '!rm-automation,!rm-automation/rm-automation-community-rest-api,!rm-automation/rm-automation-enterprise-rest-api,!rm-automation/rm-automation-ui,!rm-benchmark' \
 com.srcclr:srcclr-maven-plugin:scan \
 -Dcom.srcclr.apiToken=$SRCCLR_API_TOKEN > scan.log
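Review bot: The added `-pl` exclusion list takes five modules out of the SCA scan with nothing in the script recording why, so their third-party dependencies go unchecked without a visible decision. A comment above the `mvn` call would make the scope reviewable, for example `# rm-automation and rm-benchmark are excluded from SCA: test/benchmark code, not shipped (confirm)`. The list also names each rm-automation child by hand, so a module added under rm-automation later would presumably be scanned unless the list is updated; the comment should say which outcome is intended. The rest of the script lies outside this hunk.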