Adding sonar,dependency-check to aws

commit 590b0d80 Author: Spencer Sutton <suttonsp@amazon.com> Date: Mon Jul 19 2021 11:46:44 GMT-0500 (Central Daylight Time) Fixing build commit 4cdf43f4 Author: Spencer Sutton <suttonsp@amazon.com> Date: Mon Jul 19 2021 10:15:25 GMT-0500 (Central Daylight Time) Adding sonar,dependency-check to aws

Adding sonar,dependency-check to aws
fcb9039b · Spencer Sutton · 977951fd · fcb9039b · fcb9039b · fcb9039b
Commit fcb9039b authored 3 years ago by Spencer Sutton
--- a/provider/indexer-aws/build-aws/buildspec.yaml
+++ b/provider/indexer-aws/build-aws/buildspec.yaml
@@ -21,6 +21,11 @@ env:
  secrets-manager:
    DOCKER_USERNAME: /osdu/devops/docker_credentials:username
    DOCKER_PASSWORD: /osdu/devops/docker_credentials:password
+    SONAR_USERNAME: /osdu/devops/sonar_credentials:username
+    SONAR_PASSWORD: /osdu/devops/sonar_credentials:password
+  
+  parameter-store:
+    SONAR_URL: /osdu/devops/sonar_url

 phases:
  install:
@@ -59,8 +64,7 @@ phases:
      - printenv

      - echo "Building primary service assemblies..."
-      - mvn -ntp -B test install -pl indexer-core,provider/indexer-aws -Ddeployment.environment=prod
-
+      - mvn -ntp -B test install sonar:sonar -pl .,indexer-core,provider/indexer-aws -Ddeployment.environment=prod -Dsonar.login=${SONAR_USERNAME} -Dsonar.password=${SONAR_PASSWORD} -Dsonar.branch.name=${BRANCH_NAME} 

 #      - echo "Copying assemblies to dist..."
 #      - cp ./provider/indexer-aws/target/*spring-boot.jar ${OUTPUT_DIR}/bin # copy aws jars
@@ -84,6 +88,10 @@ phases:
        python provider/indexer-aws/build-aws/build-info.py --branch ${CODEBUILD_SOURCE_VERSION} --commit ${CODEBUILD_RESOLVED_SOURCE_VERSION} \
          --buildid ${CODEBUILD_BUILD_ID} --buildnumber ${CODEBUILD_BUILD_NUMBER} --reponame ${REPO_NAME} --outdir ${OUTPUT_DIR} \
          --artifact ${ECR_IMAGE}
+
+  post_build:
+    commands:
+      - cp provider/indexer-aws/target/dependency-check-report.html ${OUTPUT_DIR}
 reports:
  SurefireReports: # CodeBuild will create a report group called "SurefireReports".
    files: #Store all of the files

--- a/provider/indexer-aws/maven/settings.xml
+++ b/provider/indexer-aws/maven/settings.xml
@@ -54,6 +54,17 @@ limitations under the License.
                <azure.devops.token>no-default</azure.devops.token>
            </properties>
        </profile>
+        <profile>
+            <id>sonar</id>
+            <activation>
+                <activeByDefault>true</activeByDefault>
+            </activation>
+            <properties>
+                <sonar.host.url>
+                    ${env.SONAR_URL}
+                </sonar.host.url>
+            </properties>
+        </profile>
    </profiles>

    <servers>

--- a/provider/indexer-aws/pom.xml
+++ b/provider/indexer-aws/pom.xml
@@ -161,6 +161,18 @@
            </execution>
          </executions>
        </plugin>
+        <plugin>
+          <groupId>org.owasp</groupId>
+          <artifactId>dependency-check-maven</artifactId>
+          <version>6.2.2</version>
+          <executions>
+              <execution>
+                  <goals>
+                      <goal>check</goal>
+                  </goals>
+              </execution>
+          </executions>
+      </plugin>
      </plugins>
  </build>
 </project>