hello-java/cloudbuild.yaml at main · chuckaude/hello-java · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
steps:
- name: 'maven:3-eclipse-temurin-21'
  id: 'build'
  entrypoint: 'mvn'
  args: ['-B','-DskipTests','package']

- name: 'maven:3-eclipse-temurin-21'
  id: 'coverity'
  waitFor: ['build']
  env:
  - 'BRIDGECLI_LINUX64=https://repo.blackduck.com/artifactory/bds-integrations-release/com/blackduck/integration/bridge/binaries/bridge-cli-bundle/latest/bridge-cli-bundle-linux64.zip'
  - 'BRIDGE_COVERITY_CONNECT_URL=https://coverity.field-test.blackduck.com'
  - 'BRIDGE_COVERITY_CONNECT_PROJECT_NAME=$REPO_NAME'
  - 'BRIDGE_COVERITY_CONNECT_STREAM_NAME=$BRANCH_NAME'
  - 'BRIDGE_COVERITY_LOCAL=false'   # set to true for local analysis with full client
  secretEnv: ['BRIDGE_COVERITY_CONNECT_USER_NAME','BRIDGE_COVERITY_CONNECT_USER_PASSWORD']
  script: |
    exit 0 # no disabled step option so use exit
    apt-get -qq update && apt-get install -y curl file unzip
    curl -fLsS -o bridge.zip $BRIDGECLI_LINUX64 && unzip -qo -d /tmp bridge.zip && rm -f bridge.zip
    /tmp/bridge-cli-bundle-linux64/bridge-cli --stage connect

- name: 'maven:3-eclipse-temurin-21'
  id: 'blackduck'
  waitFor: ['build']
  env:
  - 'BRIDGECLI_LINUX64=https://repo.blackduck.com/artifactory/bds-integrations-release/com/blackduck/integration/bridge/binaries/bridge-cli-bundle/latest/bridge-cli-bundle-linux64.zip'
  - 'BRIDGE_BLACKDUCKSCA_URL=https://sca.field-test.blackduck.com'
  - 'DETECT_PROJECT_NAME=$REPO_NAME'
  - 'DETECT_PROJECT_VERSION_NAME=$BRANCH_NAME'
  - 'DETECT_CODE_LOCATION_NAME=$REPO_NAME-$BRANCH_NAME'
  secretEnv: ['BRIDGE_BLACKDUCKSCA_TOKEN']
  script: |
    exit 0 # no disabled step option so use exit
    apt-get -qq update && apt-get install -y curl file unzip
    curl -fLsS -o bridge.zip $BRIDGECLI_LINUX64 && unzip -qo -d /tmp bridge.zip && rm -f bridge.zip
    /tmp/bridge-cli-bundle-linux64/bridge-cli --stage blackducksca

- name: 'maven:3-eclipse-temurin-21'
  id: 'polaris'
  waitFor: ['build']
  env:
  - 'BRIDGECLI_LINUX64=https://repo.blackduck.com/artifactory/bds-integrations-release/com/blackduck/integration/bridge/binaries/bridge-cli-bundle/latest/bridge-cli-bundle-linux64.zip'
  - 'BRIDGE_POLARIS_SERVERURL=https://poc.polaris.blackduck.com'
  - 'BRIDGE_POLARIS_ASSESSMENT_TYPES=SAST,SCA'
  - 'BRIDGE_POLARIS_APPLICATION_NAME=chuckaude-$REPO_NAME'
  - 'BRIDGE_POLARIS_PROJECT_NAME=$REPO_NAME'
  - 'BRIDGE_POLARIS_BRANCH_NAME=$BRANCH_NAME'
  secretEnv: ['BRIDGE_POLARIS_ACCESSTOKEN']
  script: |
    apt-get -qq update && apt-get install -y curl file unzip
    curl -fLsS -o bridge.zip $BRIDGECLI_LINUX64 && unzip -qo -d /tmp bridge.zip && rm -f bridge.zip
    /tmp/bridge-cli-bundle-linux64/bridge-cli --stage polaris

availableSecrets:
  secretManager:
  - versionName: 'projects/$PROJECT_ID/secrets/coverityUsername/versions/latest'
    env: 'BRIDGE_COVERITY_CONNECT_USER_NAME'
  - versionName: 'projects/$PROJECT_ID/secrets/coverityPassword/versions/latest'
    env: 'BRIDGE_COVERITY_CONNECT_USER_PASSWORD'
  - versionName: 'projects/$PROJECT_ID/secrets/blackduckApiToken/versions/latest'
    env: 'BRIDGE_BLACKDUCK_TOKEN'
  - versionName: 'projects/$PROJECT_ID/secrets/polarisAccessToken/versions/latest'
    env: 'BRIDGE_POLARIS_ACCESSTOKEN'