diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index 9b1aaf80beee5dd7dc91817cf73e8a661f9d42f6..50c781e56b18a4f5c7bdee5aeedb3005ac662cda 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -12,6 +12,8 @@ variables:
AWS_TEST_SUBDIR: testing/notification-test-aws
AWS_SERVICE: notification
AWS_ENVIRONMENT: dev
+ AWS_DEPLOY_TARGET: EKS
+ AWS_EKS_DEPLOYMENT_NAME: os-notification
AZURE_SERVICE: notification
AZURE_BUILD_SUBDIR: provider/notification-azure
diff --git a/provider/notification-aws/build-aws/buildspec.yaml b/provider/notification-aws/build-aws/buildspec.yaml
index e5fc2bd6ed3d59236c0bdfba4a0308f4c33302fb..6d134addb8b5e83b8f9b07b83d24b9586dd41090 100644
--- a/provider/notification-aws/build-aws/buildspec.yaml
+++ b/provider/notification-aws/build-aws/buildspec.yaml
@@ -21,6 +21,11 @@ env:
secrets-manager:
DOCKER_USERNAME: /osdu/devops/docker_credentials:username
DOCKER_PASSWORD: /osdu/devops/docker_credentials:password
+ SONAR_USERNAME: /osdu/devops/sonar_credentials:username
+ SONAR_PASSWORD: /osdu/devops/sonar_credentials:password
+
+ parameter-store:
+ SONAR_URL: /osdu/devops/sonar_url
phases:
install:
@@ -58,7 +63,7 @@ phases:
- printenv
- echo "Building primary service assemblies..."
- - mvn -ntp -B test install -pl notification-core,provider/notification-aws -Ddeployment.environment=prod
+ - mvn -ntp -B test install sonar:sonar -pl .,notification-core,provider/notification-aws -Ddeployment.environment=prod -Dsonar.login=${SONAR_USERNAME} -Dsonar.password=${SONAR_PASSWORD} -Dsonar.branch.name=${BRANCH_NAME}
- echo "Building integration testing assemblies and gathering artifacts..."
- ./testing/notification-test-aws/build-aws/prepare-dist.sh
@@ -78,6 +83,9 @@ phases:
python provider/notification-aws/build-aws/build-info.py --branch ${CODEBUILD_SOURCE_VERSION} --commit ${CODEBUILD_RESOLVED_SOURCE_VERSION} \
--buildid ${CODEBUILD_BUILD_ID} --buildnumber ${CODEBUILD_BUILD_NUMBER} --reponame ${REPO_NAME} --outdir ${OUTPUT_DIR} \
--artifact ${ECR_IMAGE}
+ post_build:
+ commands:
+ - cp provider/notification-aws/target/dependency-check-report.html ${OUTPUT_DIR}
reports:
SurefireReports: # CodeBuild will create a report group called "SurefireReports".
files: #Store all of the files
diff --git a/provider/notification-aws/maven/settings.xml b/provider/notification-aws/maven/settings.xml
index 1bfc43ac96aafb6790498c6f0acef3ca0818a98f..3bd1cd4aa7ed183241e62e75d2b7f1a3f5ebc7aa 100644
--- a/provider/notification-aws/maven/settings.xml
+++ b/provider/notification-aws/maven/settings.xml
@@ -54,6 +54,17 @@ limitations under the License.
<azure.devops.token>no-default</azure.devops.token>
</properties>
</profile>
+ <profile>
+ <id>sonar</id>
+ <activation>
+ <activeByDefault>true</activeByDefault>
+ </activation>
+ <properties>
+ <sonar.host.url>
+ ${env.SONAR_URL}
+ </sonar.host.url>
+ </properties>
+ </profile>
</profiles>
<servers>
diff --git a/provider/notification-aws/pom.xml b/provider/notification-aws/pom.xml
index 85209b9106ecf2bf144c38d946ca1c03688f3e23..a586f4aaf721cecd034111c3ebe1541904ebfd26 100644
--- a/provider/notification-aws/pom.xml
+++ b/provider/notification-aws/pom.xml
@@ -116,6 +116,18 @@
<failOnMissingWebXml>false</failOnMissingWebXml>
</configuration>
</plugin>
+ <plugin>
+ <groupId>org.owasp</groupId>
+ <artifactId>dependency-check-maven</artifactId>
+ <version>6.2.2</version>
+ <executions>
+ <execution>
+ <goals>
+ <goal>check</goal>
+ </goals>
+ </execution>
+ </executions>
+ </plugin>
</plugins>
</build>
</project>