# Maven
# Build your Java project and run tests with Apache Maven.
# Add steps that analyze code, save build artifacts, deploy, and more:
# https://docs.microsoft.com/azure/devops/pipelines/languages/java
# This is an example of using the VeraDemo Java test application with the Veracode Static Pipeline scanner. A Veracode subscription is required.
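# CI trigger disabled: pushes do not start this pipeline.
# The scalar form is used on purpose. Written as a list item (`- none`),
# the value is read as a branch filter for a branch literally named "none".
trigger: none

# Microsoft-hosted agent image. 'ubuntu-latest' is a moving label, so the
# image and its preinstalled tools can change between runs.
pool:
  vmImage: 'ubuntu-latest'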
steps:
# Run the Maven `package` goal against app/pom.xml. The scan step later in
# this file expects the build output at app/target/verademo.war.
- task: Maven@3
  displayName: 'Build with Maven'
  inputs:
    mavenPomFile: app/pom.xml
    goals: package
#- task: Veracode@3
# displayName: Veracode Static Scan
# inputs:
# ConnectionDetailsSelection: 'Credentials'
# apiId: '$(API_ID)'
# apiKey: '$(API_KEY)'
# veracodeAppProfile: 'VeraDemo'
# version: 'ADO_$(build.buildNumber)'
# filepath: '$(Build.Repository.LocalPath)/app/target/verademo.war'
# createProfile: false
# importResults: false
# failBuildOnPolicyFail: false
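# Download the Veracode Pipeline Scan client and scan the packaged WAR.
#
# Secrets: API_ID / API_KEY are mapped into the step through `env:` and read
# as shell variables, instead of being macro-expanded into the script text.
# They are still passed as arguments to the java process, so they are visible
# in that process's argv on the agent for the duration of the scan.
#
# Supply chain: the archive is fetched by its LATEST alias and executed with
# the API credentials without any checksum or signature check. Prefer a
# reviewed copy from an internal artifact feed, or verify a vendor-published
# digest before unzip (<EXPECTED_SHA256> is a placeholder, not a real value).
#
# `|| true` forces a zero exit status for the scan command, so the step stays
# green for findings and for scanner errors alike (bad credentials, missing
# WAR). NOTE(review): confirm that a non-blocking scan is intended.
- task: Bash@3
  displayName: Veracode Static Pipeline Scan
  inputs:
    targetType: 'inline'
    script: |
      # Stop on a failed download or unzip instead of continuing to the scan.
      set -euo pipefail
      # --fail: exit non-zero on an HTTP error rather than saving the error body as the zip.
      curl --fail -sSO https://downloads.veracode.com/securityscan/pipeline-scan-LATEST.zip
      unzip -o pipeline-scan-LATEST.zip
      java -jar pipeline-scan.jar -vid "$VERACODE_API_ID" -vkey "$VERACODE_API_KEY" -f "$(System.DefaultWorkingDirectory)/app/target/verademo.war" || true
  env:
    VERACODE_API_ID: $(API_ID)
    VERACODE_API_KEY: $(API_KEY)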
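# Commit the scanner's results.json and push it to the GitHub repository.
#
# Secrets: GITHUB_PAT is mapped through `env:` and read as a shell variable,
# so the token is not macro-expanded into the generated script file. It is
# still embedded in the push URL; keep the token scoped to write access on
# this one repository, and rotate it if a run's output ever shows the URL.
#
# NOTE(review): results.json presumably holds the scan findings. Confirm the
# target repository's visibility is appropriate for that data.
#
# The user.email value below is reproduced as it appears in this listing; it
# looks like an address masked by the hosting page, not a usable value.
- task: Bash@3
  displayName: Commit results.json to GitHub repo
  inputs:
    targetType: 'inline'
    script: |
      git config --global user.email "[email protected]"
      git config --global user.name "Sina T"
      git checkout -b main
      git add results.json
      git commit -m "Updating results.json file with results from ADO Build $(build.buildNumber)"
      git push "https://${GITHUB_PAT}@github.com/sinat101/verademo.git" main
  env:
    GITHUB_PAT: $(GITHUB_PAT)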
# Attach results.json to the run as a pipeline artifact.
- publish: '$(System.DefaultWorkingDirectory)/results.json'
  artifact: 'Pipeline Scan Results'