# Pipeline order: dependency analysis runs first, then the Maven build, then
# the two Veracode jobs that read the build output under target/.
stages:
  - SCA
  - build
  - greenlight
  - scan
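# Runs the SourceClear agent bootstrap script against the checked-out project.
Software Composition Analysis:
  stage: SCA
  script:
    # The bootstrap script is fetched at job time and runs with this job's CI
    # variables in its environment. Save it to a file before running it:
    # -f turns an HTTP error into a job failure instead of piping an error
    # page into bash, and an interrupted transfer is never partly executed.
    - curl -fsSL -o /tmp/srcclr-ci.sh https://download.sourceclear.com/ci.sh
    # NOTE(review): the script is still unpinned and unverified. If the vendor
    # publishes a digest, compare it here before executing, or serve a
    # reviewed copy from an internal mirror.
    - bash /tmp/srcclr-ci.sh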
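# Builds the project with Maven and publishes target/ for the later scan jobs.
build_job:
  # NOTE(review): image tags are mutable; pin by digest if the build must be
  # reproducible and protected against a re-pushed tag.
  image: maven:3.6.0-jdk-8
  stage: build
  variables:
    # GitLab can only cache paths inside the project directory. Without this
    # Maven keeps using its default local repository in the user's home
    # directory and the .m2/repository cache path below is never populated.
    MAVEN_OPTS: "-Dmaven.repo.local=$CI_PROJECT_DIR/.m2/repository"
  script:
    - mvn clean package
  artifacts:
    name: verademo_julian_10_build
    paths:
      - target/
    expire_in: 1 week
  cache:
    # Per-branch key so that dependencies downloaded while building one
    # branch are not restored into builds of another branch.
    key: "$CI_COMMIT_REF_SLUG"
    paths:
      - target/
      - .m2/repository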
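# Downloads the Veracode Greenlight scanner and runs it over the compiled
# classes and sources, keeping results.json / results.txt as job artifacts.
greenlight_job:
  stage: greenlight
  image: openjdk:8-jre
  dependencies:
    - build_job
  script:
    # -f fails the job on an HTTP error instead of saving an error page that
    # unzip would then be asked to open.
    # NOTE(review): "LATEST" is unpinned and the archive is not verified
    # before the jar inside it is executed with the API credentials. Prefer a
    # fixed version plus a digest check if the vendor offers one.
    - curl -fsSL -O https://downloads.veracode.com/securityscan/gl-scanner-java-LATEST.zip
    - unzip gl-scanner-java-LATEST.zip gl-scanner-java.jar
    # The API id and key are passed as process arguments. Define both as
    # masked CI/CD variables (and protected, where the branch model allows)
    # so they are not echoed into job logs or exposed to arbitrary branches.
    # Expansions are quoted so the values are passed as single arguments.
    - >-
      java -jar gl-scanner-java.jar
      -i "${VERACODE_API_ID}"
      -k "${VERACODE_API_KEY}"
      -b "target/classes/"
      -s "src/main/java/"
      -id true
      -so true
  # Declared once: a duplicate `artifacts` key is invalid YAML and most
  # parsers silently keep only the last occurrence.
  artifacts:
    name: verademo_julian_10_greenlight-results
    paths:
      - results.json
      - results.txt
    # Upload the result files even when the scan step fails the job.
    when: always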
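# Uploads target/verademo.war to Veracode for a policy scan. Runs only for
# scheduled pipelines and for the master branch.
veracode-policy-scan:
  stage: scan
  # NOTE(review): `--add-modules java.se.ee` below is only accepted by JDK 9
  # and 10, which ties this job to an image that no longer receives updates.
  # Confirm whether the wrapper version in use still needs the flag.
  image: openjdk:10
  only:
    - schedules
    - master
  before_script:
    # NOTE(review): the wrapper jar is executed with the API credentials but
    # is not verified after download. Keep VERACODE_WRAPPER_VERSION pinned to
    # an exact release and check the jar against an expected SHA-256 stored
    # alongside it before the script step runs.
    - wget -q -O veracode-wrapper.jar https://repo1.maven.org/maven2/com/veracode/vosp/api/wrappers/vosp-api-wrappers-java/${VERACODE_WRAPPER_VERSION}/vosp-api-wrappers-java-${VERACODE_WRAPPER_VERSION}.jar
  script:
    # The API id and key are passed as process arguments. Define both as
    # masked and protected CI/CD variables; this job only runs on master and
    # schedules, so protected variables remain available to it.
    # Expansions are quoted so the values are passed as single arguments.
    - >-
      java -jar --add-modules java.se.ee veracode-wrapper.jar
      -vid "${VERACODE_API_ID}" -vkey "${VERACODE_API_KEY}"
      -action UploadAndScan -appname "${CI_PROJECT_NAME}"
      -createprofile true -autoscan true
      -filepath target/verademo.war
      -version "job ${CI_JOB_ID} in pipeline ${CI_PIPELINE_ID}"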