added Dockerfile and Maven build plugin for docker build process to unpack a fat Jar (for now)

2019-01-08 19:43:58 +01:00 · 2019-01-08 19:43:58 +01:00 · 126f0ea0f2
parent 48e81b1c4d
commit 126f0ea0f2
3 changed files with 75 additions and 1 deletions
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@ -4,4 +4,11 @@ sonarqube_master_job:
    - master
  script:
    - mvn --batch-mode org.owasp:dependency-check-maven:check
-    - mvn --batch-mode verify sonar:sonar -D sonar.host.url=$SONAR_URL -D sonar.login=$SONAR_LOGIN -D sonar.dependencyCheck.reportPath=$DEP_CHECK_REPORT_PATH_XML -D sonar.dependencyCheck.htmlReportPath=$DEP_CHECK_REPORT_PATH_HTML
+    - mvn --batch-mode verify sonar:sonar -D sonar.host.url=$SONAR_URL -D sonar.login=$SONAR_LOGIN -D sonar.dependencyCheck.reportPath=$DEP_CHECK_REPORT_PATH_XML -D sonar.dependencyCheck.htmlReportPath=$DEP_CHECK_REPORT_PATH_HTML
+
+dast_master_package_job:
+  stage: test
+  only:
+    - master
+  script:
+    - mvn --batch-mode package
--- a/7
+++ b/7
@ -0,0 +1,7 @@
+FROM openjdk:8-jdk-alpine
+VOLUME /tmp
+ARG DEPENDENCY=target/dependency
+COPY ${DEPENDENCY}/BOOT-INF/lib /app/lib
+COPY ${DEPENDENCY}/META-INF /app/META-INF
+COPY ${DEPENDENCY}/BOOT-INF/classes /app
+ENTRYPOINT ["java","-cp","app:app/lib/*","hello.Application"]
--- a/pom.xml
+++ b/pom.xml
@ -54,6 +54,12 @@
            <version>0.0.2</version>
        </dependency>

+        <dependency>
+            <groupId>org.cryptable.zap</groupId>
+            <artifactId>zap-maven-plugin</artifactId>
+            <version>1.6</version>
+        </dependency>
+

    </dependencies>

@ -74,6 +80,60 @@
                    <format>ALL</format>
                </configuration>
            </plugin>
+
+            <plugin>
+                <groupId>org.apache.maven.plugins</groupId>
+                <artifactId>maven-dependency-plugin</artifactId>
+                <executions>
+                    <execution>
+                        <id>unpack</id>
+                        <phase>package</phase>
+                        <goals>
+                            <goal>unpack</goal>
+                        </goals>
+                        <configuration>
+                            <artifactItems>
+                                <artifactItem>
+                                    <groupId>${project.groupId}</groupId>
+                                    <artifactId>${project.artifactId}</artifactId>
+                                    <version>${project.version}</version>
+                                </artifactItem>
+                            </artifactItems>
+                        </configuration>
+                    </execution>
+                </executions>
+            </plugin>
+
+            <plugin>
+            <groupId>org.cryptable.zap</groupId>
+            <artifactId>mavenplugin</artifactId>
+            <configuration>
+                <apiKey>12345</apiKey>
+                <zapProgram>C:\Program Files\ZAProxy\zap.bat</zapProgram>
+                <zapProxyHost>localhost</zapProxyHost>
+                <zapProxyPort>8080</zapProxyPort>
+                <targetURL>http://localhost/bodgeit</targetURL>
+                <format>html</format>
+            </configuration>
+            <executions>
+                <execution>
+                    <id>startZAP</id>
+                    <phase>pre-integration-test</phase>
+                    <goals>
+                        <goal>start-zap</goal>
+                    </goals>
+                </execution>
+                <execution>
+                    <id>porcessZAP</id>
+                    <phase>post-integration-test</phase>
+                    <goals>
+                        <goal>process-zap</goal>
+                    </goals>
+                </execution>
+            </executions>
+        </plugin>
+
+
            <plugin>
                <groupId>org.springframework.boot</groupId>
                <artifactId>spring-boot-maven-plugin</artifactId>