alfresco-transform-core/_ci/static_analysis.sh
Denis Ungureanu 46b2e6df5b
ATS-468 : Add Veracode (SAST & SCA) scans to Transform Service Travis builds (#188)
- add SCA & SAST
   - use wildcards to reference jars' locations - a single static scan will be triggered
   - use sandbox based on git branch
   - use maven plugin for source clear scans
   - filter logs
2020-03-19 18:26:55 +02:00


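#!/usr/bin/env bash
# Uploads the built transformer jars to Veracode and starts a static scan
# ("uploadandscan") for the "Transform Service" application profile.
#
# Environment read by this script:
#   VERACODE_WRAPPER_VERSION  version suffix of the vosp-api-wrappers-java jar
#   VERACODE_API_ID           Veracode API credential id
#   VERACODE_API_KEY          Veracode API credential key (secret)
#   TRAVIS_BRANCH             branch being built; anything but "master" scans in a sandbox
#   TRAVIS_JOB_ID, TRAVIS_JOB_NUMBER  combined into the scan version label
echo "=========================== Starting Static Analysis Script ==========================="
PS4="\[\e[35m\]+ \[\e[m\]"
set -vex
pushd "$(dirname "${BASH_SOURCE[0]}")/../"

# Run in a sandbox for every branch, run normally on master.
# An array keeps the flag and its value as two separate arguments without
# relying on word-splitting of an unquoted string.
sandbox_args=()
if [ "${TRAVIS_BRANCH}" != "master" ]; then
  sandbox_args=(-sandboxname Transformers)
fi

# xtrace (-x) prints each command after expansion, which would write the
# Veracode API id and key into the build log. Switch it off before any line
# that expands them; verbose (-v) stays on because it echoes the script text
# unexpanded. CI log masking should not be the only thing protecting the key.
set +x

# Fail with a clear message instead of handing the wrapper a shifted or empty
# argument list when a required variable is missing.
: "${VERACODE_WRAPPER_VERSION:?VERACODE_WRAPPER_VERSION must be set}"
: "${VERACODE_API_ID:?VERACODE_API_ID must be set}"
: "${VERACODE_API_KEY:?VERACODE_API_KEY must be set}"

# NOTE(review): the key is still passed on argv, so it is visible in the
# process list of the build host while java runs. If the wrapper version in use
# accepts credentials from a file or from the environment, prefer that -
# confirm against the wrapper documentation.
#
# The jar paths are deliberately unquoted so the shell expands the wildcards;
# a pattern that matches nothing is passed through literally.
java -jar "vosp-api-wrappers-java-${VERACODE_WRAPPER_VERSION}.jar" -vid "${VERACODE_API_ID}" \
  -vkey "${VERACODE_API_KEY}" -action uploadandscan -appname "Transform Service" \
  "${sandbox_args[@]}" -createprofile false \
  -filepath \
  alfresco-transformer-base/target/alfresco-transformer-base-*.jar \
  alfresco-docker-alfresco-pdf-renderer/target/alfresco-docker-alfresco-pdf-renderer-*.jar \
  alfresco-docker-imagemagick/target/alfresco-docker-imagemagick-*.jar \
  alfresco-docker-libreoffice/target/alfresco-docker-libreoffice-*.jar \
  alfresco-docker-tika/target/alfresco-docker-tika-*.jar \
  alfresco-docker-transform-misc/target/alfresco-docker-transform-misc-*.jar \
  -version "$TRAVIS_JOB_ID - $TRAVIS_JOB_NUMBER" -scantimeout 3600

# Credentials are no longer expanded below this point; resume tracing.
set -x
popd
set +vex
echo "=========================== Finishing Static Analysis Script =========================="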