From 7e6ef9f234470598678633024111cb35642efc9d Mon Sep 17 00:00:00 2001
From: Spencer Sutton <suttonsp@amazon.com>
Date: Mon, 19 Jul 2021 18:56:55 +0000
Subject: [PATCH] Adding sonar,dependency-check to aws
commit a45fa279
Author: Spencer Sutton <suttonsp@amazon.com>
Date: Mon Jul 19 2021 11:48:25 GMT-0500 (Central Daylight Time)
Fixing build
commit c5ae108a
Author: Spencer Sutton <suttonsp@amazon.com>
Date: Mon Jul 19 2021 10:37:53 GMT-0500 (Central Daylight Time)
Adding sonar,dependency-check to aws
---
 provider/legal-aws/build-aws/buildspec.yaml | 10 +++++++++-
 provider/legal-aws/maven/settings.xml | 11 +++++++++++
 provider/legal-aws/pom.xml | 12 ++++++++++++
 3 files changed, 32 insertions(+), 1 deletion(-)
diff --git a/provider/legal-aws/build-aws/buildspec.yaml b/provider/legal-aws/build-aws/buildspec.yaml
index e4071081c..731961d49 100644
--- a/provider/legal-aws/build-aws/buildspec.yaml
+++ b/provider/legal-aws/build-aws/buildspec.yaml
@@ -21,6 +21,11 @@ env:
 secrets-manager:
 DOCKER_USERNAME: /osdu/devops/docker_credentials:username
 DOCKER_PASSWORD: /osdu/devops/docker_credentials:password
+ SONAR_USERNAME: /osdu/devops/sonar_credentials:username
+ SONAR_PASSWORD: /osdu/devops/sonar_credentials:password
+
+ parameter-store:
+ SONAR_URL: /osdu/devops/sonar_url
 phases:
 install:
@@ -60,7 +65,7 @@ phases:
 - printenv
 - echo "Building primary service assemblies..."
- - mvn -ntp -B test install -pl legal-core,provider/legal-aws -Ddeployment.environment=prod
+ - mvn -ntp -B test install sonar:sonar -pl .,legal-core,provider/legal-aws -Ddeployment.environment=prod -Dsonar.login=${SONAR_USERNAME} -Dsonar.password=${SONAR_PASSWORD} -Dsonar.branch.name=${BRANCH_NAME}
 # Suspended until further notice
 # - echo "Copying assemblies to dist..."
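Review bot: In the `env` hunk of buildspec.yaml, `SONAR_USERNAME` and `SONAR_PASSWORD` expose an account's username and password to every phase of the build, although the scanner only needs the right to submit an analysis. A SonarQube user token for a dedicated account that holds only the Execute Analysis permission would limit what a leaked value allows and can be revoked on its own, for example `SONAR_TOKEN: /osdu/devops/sonar_credentials:token`. The `:token` key is a suggested name and would have to be added to the secret first. A short comment above the block naming the owning account and the rotation procedure would help the next maintainer.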
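Review bot: The new `mvn` line passes the Sonar credentials as command-line arguments (`-Dsonar.login=${SONAR_USERNAME} -Dsonar.password=${SONAR_PASSWORD}`), so they are readable in the process list of the build container and by any tool that records the expanded command line. The `printenv` in the context lines just above it also dumps every variable from the `env` block to the build log, which leaves the secrecy of these values resting on CodeBuild's log masking alone. The expansions are unquoted as well, so a value containing whitespace or glob characters is split or expanded by the shell. Prefer handing the credential to the scanner through the environment (recent SonarScanner for Maven versions read `SONAR_TOKEN`, if the plugin version in use supports it), quote what remains as `"-Dsonar.branch.name=${BRANCH_NAME}"`, and drop or filter the `printenv`. The enclosing `commands` list starts and ends outside the hunk.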
@@ -85,6 +90,9 @@ phases:
 python provider/legal-aws/build-aws/build-info.py --branch ${CODEBUILD_SOURCE_VERSION} --commit ${CODEBUILD_RESOLVED_SOURCE_VERSION} \
 --buildid ${CODEBUILD_BUILD_ID} --buildnumber ${CODEBUILD_BUILD_NUMBER} --reponame ${REPO_NAME} --outdir ${OUTPUT_DIR} \
 --artifact ${ECR_IMAGE}
+ post_build:
+ commands:
+ - cp provider/legal-aws/target/dependency-check-report.html ${OUTPUT_DIR}
 reports:
 SurefireReports: # CodeBuild will create a report group called "SurefireReports".
 files: #Store all of the files
diff --git a/provider/legal-aws/maven/settings.xml b/provider/legal-aws/maven/settings.xml
index 7a6c05029..2236ea5de 100644
--- a/provider/legal-aws/maven/settings.xml
+++ b/provider/legal-aws/maven/settings.xml
@@ -53,6 +53,17 @@
 <azure.devops.token>no-default</azure.devops.token>
 </properties>
 </profile>
+ <profile>
+ <id>sonar</id>
+ <activation>
+ <activeByDefault>true</activeByDefault>
+ </activation>
+ <properties>
+ <sonar.host.url>
+ ${env.SONAR_URL}
+ </sonar.host.url>
+ </properties>
+ </profile>
 </profiles>
 <servers>
diff --git a/provider/legal-aws/pom.xml b/provider/legal-aws/pom.xml
index ceb555211..51c7dcd03 100644
--- a/provider/legal-aws/pom.xml
+++ b/provider/legal-aws/pom.xml
@@ -160,6 +160,18 @@
 <threadCount>1</threadCount>
 </configuration>
 </plugin>
+ <plugin>
+ <groupId>org.owasp</groupId>
+ <artifactId>dependency-check-maven</artifactId>
+ <version>6.2.2</version>
+ <executions>
+ <execution>
+ <goals>
+ <goal>check</goal>
+ </goals>
+ </execution>
+ </executions>
+ </plugin>
 </plugins>
 </build>
-- GitLab
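Review bot: In the `post_build` hunk of buildspec.yaml, the `cp` assumes the dependency-check report exists, but CodeBuild runs `post_build` even when the `build` phase failed. After a Maven failure that happens before the report is written, the copy fails too and adds an unrelated error on top of the real one. Copying only when the file is present, and logging when it is not, keeps the outcome explicit: `- if [ -f provider/legal-aws/target/dependency-check-report.html ]; then cp provider/legal-aws/target/dependency-check-report.html "${OUTPUT_DIR}/"; else echo "dependency-check report not produced"; fi`. The quoted `"${OUTPUT_DIR}/"` also avoids word splitting. The phase that precedes `post_build` begins outside the hunk.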
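Review bot: In settings.xml, the new `sonar` profile depends on `<activeByDefault>true</activeByDefault>`, which Maven stops applying once another profile from the same file is activated; the rest of the file, including any `<activeProfiles>`, is outside the hunk, so this needs checking. Activating on the variable itself is more predictable: `<activation><property><name>env.SONAR_URL</name></property></activation>`. The build sends the Sonar credentials to whatever host this value names, so a comment such as `<!-- SONAR_URL is read from Parameter Store; must be an https:// URL because credentials are sent to it -->` would record the requirement. Write access to that parameter should be as restricted as access to the secret.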
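Review bot: In pom.xml, the `check` execution is added without a `<configuration>`, so with the plugin's default threshold no finding fails the build and the scan only yields an HTML report that someone has to open. A gate such as `<configuration><failBuildOnCVSS>7</failBuildOnCVSS></configuration>` makes the check enforceable; the value 7 is an example threshold for the team to agree on. Accepted findings can then be recorded in a reviewed suppression file referenced through `<suppressionFiles>`. A one-line XML comment stating that the goal runs in its default phase as part of `install` would also explain why the buildspec expects the report under `target/`.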