JenkinsFile

#!/usr/bin/groovy

node {
  def root = pwd()
  def mvn = tool 'M3'
  def zapHome = tool 'ZAProxy_v2_5_0'
  
  stage("Config") {
    // clone the configuration repository and copy the current configuration
    def configDir = "${root}/configuration"
    def configFile = "${root}/config.json"
    dir(configDir) {
      git url: "${env.CONFIGURATION_URL}", credentialsId: "${env.CONFIGURATION_CREDS}"
      sh "mv ${configDir}/${ENVIRONMENT}-config.json ${configFile}"
      deleteDir()
    }
    // read the current configuration
    def configJson = readJSON file: "${configFile}"
    for (param in configJson.credparams + configJson.jobparams) { 
      env."${param.name}" = (param.type == "booleanParam") ? "${param.defaultvalue}".toBoolean() : "${param.defaultvalue}"
    }
  }

  stage("Setup") {
    deleteDir()

    // github is open gitlab requires credentials to clone
    if(env.USE_GIT_CREDS.toBoolean()) {
      git url: "${env.GIT_URL}", branch: "${env.GIT_BRANCH}", credentialsId: "${env.GITLAB_CREDS}"
    } else {
      git url: "${env.GIT_URL}", branch: "${env.GIT_BRANCH}"
    }
  }

  def appvers = sh(script: "git describe --long --tags --always | sed 's/\\./-/'g", returnStdout: true)
  appvers = appvers.trim()
  def appName = "pz-jobcommon-${appvers}"

  if(!env.SKIP_SCANS.toBoolean()) {
	  stage('Scans') {
		withCredentials([[$class: "StringBinding", credentialsId: "${env.THREADFIX_API_KEY}", variable: "THREADFIX_KEY"]]) {

        def depHome = tool 'owasp_dependency_check'
        withEnv(["PATH+=${depHome}/bin"]) {
          sh 'dependency-check.sh --project "pz-jobcommon" --scan "." --format "XML" --enableExperimental --disableBundleAudit'
          sh "/bin/curl -v --insecure -H 'Accept: application/json' -X POST --form file=@dependency-check-report.xml ${env.THREADFIX_URL}/rest/latest/applications/${env.THREADFIX_ID}/upload?apiKey=${THREADFIX_KEY}"
        }

		  sh """
			mkdir -p ${root}/.m2/repository
			${mvn}/bin/mvn clean org.jacoco:jacoco-maven-plugin:prepare-agent install \
			  -Dmaven.repo.local=${root}/.m2/repository \
			  -Pcoverage-per-test org.jacoco:jacoco-maven-plugin:report \
			  -DdataFile=target/jacoco.exec
		  """

		  //sh "${mvn}/bin/mvn install:install-file -Dmaven.repo.local=${root} -Dfile=pom.xml -DpomFile=pom.xml"
		  sh "/opt/hp_fortify_sca/bin/sourceanalyzer -b ${env.BUILD_NUMBER} src/main/java/{*.java,**/*.java}"
		  sh "/opt/hp_fortify_sca/bin/sourceanalyzer -b ${env.BUILD_NUMBER}  -scan -Xmx1G -f fortifyResults-${env.BUILD_NUMBER}.fpr"
		  sh "/bin/curl -v --insecure -H 'Accept: application/json' -X POST --form file=@fortifyResults-${env.BUILD_NUMBER}.fpr ${env.THREADFIX_URL}/rest/latest/applications/${env.THREADFIX_ID}/upload?apiKey=${THREADFIX_KEY}"
		}
/*
		withCredentials([string(credentialsId: "${env.SONAR_TOKEN}", variable: "USERNAME")]) {
		  withEnv(["HOME=${root}", "_JAVA_OPTIONS=-Duser.home=${root}"]) {
			def projectId = "venicegeo:piazza:pz-jobcommon"
	//		sh "${mvn}/bin/mvn sonar:sonar -Dmaven.repo.local=${root} -Dsonar.host.url=${SONAR_URL} -Dsonar.projectKey=${projectId} -Dsonar.projectName=${projectId} -Dsonar.login=${USERNAME} -P nga"
		  }
		}*/
	  }
  }

  stage("Archive") {
    def archiveName = "pz-jobcommon-LATEST.jar"
    // Check if exists already
    def getDependencyStatus = sh(script: """mvn --quiet --settings ~/.m2/settings.xml dependency:get \
			-Dmaven.repo.local="${root}/.m2/repository" \
			-DrepositoryId=nexus \
			-DartifactId=pz-jobcommon \
			-Dversion=${appvers} \
			-DgroupId="org.venice.piazza" \
			-Dpackaging=jar \
			-DremoteRepositories="nexus::default::${env.ARTIFACT_STORAGE_DEPLOY_URL}" \
			>> /dev/null 2>&1 \
		""", returnStatus: true)
	if (getDependencyStatus == 0) {
		echo "Artifact version ${appvers} exists in Nexus, nothing to do"
	} else {
	  // Deploy file

        sh """${mvn}/bin/mvn clean package -U -Dmaven.repo.local=${root}
           cp ${root}/target/pz-jobcommon-LATEST.jar ${root}/pz-jobcommon.jar
           """
        sh """mvn -X --settings ~/.m2/settings.xml deploy:deploy-file -Dfile=${root}/pz-jobcommon.jar \
           -DrepositoryId=nexus \
           -Durl="${env.ARTIFACT_STORAGE_DEPLOY_URL}" \
           -DgroupId="org.venice.piazza" \
           -DgeneratePom=false \
           -Dpackaging=jar \
           -Dmaven.repo.local="${root}/.m2/repository" \
           -DartifactId=pz-jobcommon \
           -Dversion=${appvers}
         """
       }
  }
}