-
Notifications
You must be signed in to change notification settings - Fork 46
/
buildspec.yml
50 lines (50 loc) · 2.16 KB
/
buildspec.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
version: 0.2
env:
parameter-store:
###############################################################
# INTEGRATE FORTIFY ON DEMAND #
# FOD_RELEASE_ID_LOCAL: "/fod/releaseid"
# FCLI_DEFAULT_FOD_TENANT_LOCAL: "/fod/tenant"
# FCLI_DEFAULT_FOD_URL_LOCAL: "/fod/url"
# FCLI_DEFAULT_FOD_CLIENT_ID_LOCAL: "/fod/client_id"
# FCLI_DEFAULT_FOD_CLIENT_SECRET_LOCAL: "/fod/client_secret"
###############################################################
# INTEGRATE FORTIFY SCANCENTRAL #
FCLI_DEFAULT_SC_SAST_CLIENT_AUTH_TOKEN: "/fortify/client_auth_token"
FCLI_DEFAULT_SSC_USER: "/fortify/ssc_user"
FCLI_DEFAULT_SSC_PASSWORD: "/fortify/ssc_password"
FCLI_DEFAULT_SSC_CI_TOKEN: "/fortify/ci_token"
FCLI_DEFAULT_SSC_URL: "/fortify/ssc_url"
SSC_APP_VERSION_ID: "/fortify/ssc_app_versionid"
SSC_IP_LOCAL: "/fortify/ssc_ip"
phases:
install:
runtime-versions:
java: corretto17
commands:
# Upgrade AWS CLI to the latest version
#- pip install --upgrade awscli
pre_build:
commands:
- mvn clean
build:
commands:
- mvn -Pwar clean package
post_build:
commands:
###############################################################
# INTEGRATE FORTIFY SAST #
# #
# For FORTIFY ON DEMAND uncomment the next line #
#- bash devops-integrations/aws/fortify-sast-fod.bash
#- bash devops-integrations/aws/fortify_sast_local_java_template.bash
# #
# For FORTIFY SCANCENTRAL uncomment the next line #
- bash devops-integrations/aws/fortify_sast_scancentral.bash
# #
# #
###############################################################
artifacts:
files:
- 'devops-integrations/aws/*'
- 'target/iwa.war'