|
32 | 32 | # Gets Variables from Azure DevOps Library |
33 | 33 | variables: |
34 | 34 | - group: kmdp-platform-variables |
35 | | - - group: kmd-veracode |
36 | 35 |
|
37 | 36 | # ------------------ PIPELINE STEPS ------------------ |
38 | 37 | steps: |
@@ -109,66 +108,6 @@ steps: |
109 | 108 | versionFilePath: pom.xml |
110 | 109 | versionTransformation: none |
111 | 110 |
|
112 | | -# Download Veracode |
113 | | -- task: PowerShell@2 |
114 | | - displayName: 'Download Veracode' |
115 | | - inputs: |
116 | | - targetType: 'inline' |
117 | | - script: | |
118 | | - curl -O -L https://downloads.veracode.com/securityscan/pipeline-scan-LATEST.zip |
119 | | -
|
120 | | -# Make directory for veracode scan |
121 | | -- task: PowerShell@2 |
122 | | - displayName: 'Make directory for veracode scan' |
123 | | - inputs: |
124 | | - targetType: 'inline' |
125 | | - script: | |
126 | | - mkdir veracode |
127 | | -
|
128 | | -
|
129 | | -# Runs Maven Goal: install |
130 | | -- task: PowerShell@2 |
131 | | - displayName: 'Maven Install' |
132 | | - inputs: |
133 | | - targetType: 'inline' |
134 | | - script: | |
135 | | - mvn install -ntp |
136 | | -
|
137 | | -# Veracode Files to scan |
138 | | -- task: CopyFiles@2 |
139 | | - displayName: 'Copy Files to veracode folder' |
140 | | - inputs: |
141 | | - SourceFolder: '$(system.defaultworkingdirectory)' |
142 | | - Contents: | |
143 | | - **/API4KP-*.jar |
144 | | - TargetFolder: 'veracode' |
145 | | - |
146 | | -# Extract Veracode |
147 | | -- task: ExtractFiles@1 |
148 | | - displayName: 'Extract Veracode Zip' |
149 | | - inputs: |
150 | | - archiveFilePatterns: "pipeline-scan-LATEST.zip" |
151 | | - overwriteExistingFiles: false |
152 | | - cleanDestinationFolder: false |
153 | | - destinationFolder: 'veracode' |
154 | | - |
155 | | -# Runs Maven Goal: deploy |
156 | | -# Deploys to Azure DevOps Artifacts |
157 | | -# - task: PowerShell@2 |
158 | | -# displayName: 'Maven Deploy to Artifacts' |
159 | | -# inputs: |
160 | | -# targetType: 'inline' |
161 | | -# script: | |
162 | | -# chmod 777 "veracode/pipeline-scan.jar" |
163 | | -# chmod 777 "veracode/target/API4KP-$env:TIER1_DEV_VERSION.jar" |
164 | | - |
165 | | -# java -jar veracode/pipeline-scan.jar --veracode_api_id "$env:VERACODE_API_ID" --veracode_api_key "$env:VERACODE_API_KEY" --file "veracode/target/API4KP-$env:TIER1_DEV_VERSION.jar" --fail_on_severity="Very High, High" --verbose="true" |
166 | | -# env: |
167 | | -# DEPLOY_REPO: $(deploymentRepo) |
168 | | -# DEPLOY_REPO_PATH: $(deploymentRepoPath) |
169 | | -# TIER1_DEV_VERSION: $(tier1NewDevelopVersion) |
170 | | -# VERACODE_API_ID: $(veracodeApiId) |
171 | | -# VERACODE_API_KEY: $(veracodeApiToken) |
172 | 111 |
|
173 | 112 | # Runs Maven Goal: deploy |
174 | 113 | # Deploys to Azure DevOps Artifacts |
|
0 commit comments