Merge pull request #1202 from Alfresco/feature/APPS-407_SourceClearScan_no

Feature/apps 407 source clear scan no

.travis.yml

@@ -145,8 +145,7 @@ jobs:
 
     - name: "Source Clear Scan (SCA)"
       stage: Security Scans
-      script:
-       - echo "Source Clear Scan (SCA)"
+      script: travis_wait 30 bash scripts/source_clear.sh
     - name: "Static Analysis (SAST)"
       stage: Security Scans
       script:

scripts/source_clear.sh

@@ -0,0 +1,16 @@
+#!/usr/bin/env bash
+# fail script immediately on any errors in external commands and print the lines
+set -ev
+
+mvn -B -q clean install \
+    -DskipTests \
+    -Dmaven.javadoc.skip=true \
+    -pl '!rm-automation,!rm-automation/rm-automation-community-rest-api,!rm-automation/rm-automation-enterprise-rest-api,!rm-automation/rm-automation-ui,!rm-benchmark' \
+    com.srcclr:srcclr-maven-plugin:scan \
+    -Dcom.srcclr.apiToken=$SRCCLR_API_TOKEN > scan.log
+
+SUCCESS=$?   # this will read exit code of the previous command
+
+cat scan.log | grep -e 'Full Report Details' -e 'Failed'
+
+exit ${SUCCESS}