.travis.yml

dist: yammy
language: java
services:
  - docker
sudo: true
install: true
before_install:
  - sudo apt-get install -y graphviz build-essential fakeroot devscripts debhelper dh-make bzr-builddeb postgresql-14 postgresql-client-14 postgresql-contrib-14 postgresql-14-pgaudit openssl locales tzdata ca-certificates-java ca-certificates wget openjdk-17-jdk-headless python3-pip ruby-full npm
addons:
  sonarcloud:
    organization: "hack23"
  chrome: stable
  apt:
    update: true    
env:
  global:
    - JAVA_HOME=/usr/lib/jvm/java-17-openjdk-amd64
    - PGPORT=5433
    
cache:
  directories:
  - $HOME/.m2

before_script:
  - "curl -H 'Cache-Control: no-cache' https://raw.githubusercontent.com/fossas/fossa-cli/master/install.sh | sudo bash"
  - export DEBIAN_FRONTEND=noninteractive
  - sudo rm /etc/localtime
  - sudo ln -s /usr/share/zoneinfo/Europe/Stockholm /etc/localtime 
  - sudo dpkg-reconfigure -f noninteractive tzdata 
  - sudo echo 'LANG=\"en_US.UTF-8\"' | sudo tee --append /etc/default/locale
  - sudo locale-gen en_US.UTF-8 en_GB.UTF-8 sv_SE.UTF-8 
  - sudo dpkg-reconfigure --frontend=noninteractive locales
  - sudo service postgresql stop 14 | true
  - sudo sh -c "echo 'host all all 0.0.0.0/0 md5' | sudo tee --append /etc/postgresql/14/main/pg_hba.conf"
  - openssl rand -base64 48 > passphrase.txt
  - openssl genrsa -des3 -passout file:passphrase.txt -out server.pass.key 2048
  - openssl rsa -passin file:passphrase.txt -in server.pass.key -out server.key
  - rm server.pass.key
  - openssl req -new -key server.key -out server.csr -subj "/C=UK/ST=Postgresqll/L=Travis/O=Hack23/OU=demo/CN=localhost"
  - openssl x509 -req -days 3650 -in server.csr -signkey server.key -out server.crt
  - rm passphrase.txt
  - rm server.csr
  - sudo cp server.crt /var/lib/postgresql/14/main/server.crt
  - sudo cp server.key /var/lib/postgresql/14/main/server.key
  - rm server.key
  - mkdir ~/.postgresql
  - cp server.crt ~/.postgresql/root.crt
  - chmod 700 ~/.postgresql/root.crt
  - rm server.crt
  - sudo chmod 700 /var/lib/postgresql/14/main/server.key
  - sudo chmod 700 /var/lib/postgresql/14/main/server.crt  
  - sudo chown -R postgres:postgres /var/lib/postgresql/14/main/
  - echo "ssl_cert_file = '/var/lib/postgresql/14/main/server.crt'" | sudo tee --append /etc/postgresql/14/main/postgresql.conf
  - echo "ssl_key_file = '/var/lib/postgresql/14/main/server.key'" | sudo tee --append /etc/postgresql/14/main/postgresql.conf
  - echo "max_prepared_transactions = 100" | sudo tee --append /etc/postgresql/14/main/postgresql.conf 
  - echo "shared_preload_libraries = 'pg_stat_statements, pgcrypto'" | sudo tee --append /etc/postgresql/14/main/postgresql.conf 
  - #echo "pgaudit.log = ddl" | sudo tee --append /etc/postgresql/14/main/postgresql.conf 
  - echo "pg_stat_statements.track = all" | sudo tee --append /etc/postgresql/14/main/postgresql.conf 
  - echo "pg_stat_statements.max = 10000" | sudo tee --append /etc/postgresql/14/main/postgresql.conf
  - echo "listen_addresses = '*'" | sudo tee --append /etc/postgresql/14/main/postgresql.conf
  - sudo service postgresql start 14
  - sudo -Hiu postgres psql -c "CREATE USER eris WITH password 'discord';" -U postgres
  - sudo -Hiu postgres psql -c "create database cia_dev" -U postgres
  - sudo -Hiu postgres psql -c "GRANT ALL PRIVILEGES ON DATABASE cia_dev to eris;" -U postgres
  - sudo -Hiu postgres psql -U postgres -c "create extension pgcrypto" cia_dev
  - #sudo -Hiu postgres psql -U postgres -c "create extension pgaudit" cia_dev
  - sudo -Hiu postgres psql -U postgres -c "create extension pg_stat_statements" cia_dev  
  - sudo gem install cfn-nag  
  - sudo pip3 install cfn_flip checkov
  - sudo pip3 install checkov
  - sudo npm install cloudformation-graph -g 


script:
  - wget https://support.comodo.com/index.php?/Knowledgebase/Article/GetAttachment/966/820689 -O comodorsaaddtrustca.crt
  - sudo keytool -import -trustcacerts -keystore $JAVA_HOME/lib/security/cacerts -storepass changeit -alias comodorsaaddtrustca -import -file comodorsaaddtrustca.crt | true  
  - wget https://dlcdn.apache.org/maven/maven-3/3.8.6/binaries/apache-maven-3.8.6-bin.tar.gz
  - tar xzvf apache-maven-3.8.6-bin.tar.gz
  - export PATH=`pwd`/apache-maven-3.8.6/bin:$PATH
  - mvn -v
  - export PATH=$JAVA_HOME/bin:$PATH
  - export MAVEN_OPTS="-Duser.timezone=CET --add-exports java.base/sun.nio.ch=ALL-UNNAMED --add-exports java.base/jdk.internal.ref=ALL-UNNAMED --add-opens java.base/java.util=ALL-UNNAMED --add-opens java.base/java.lang=ALL-UNNAMED --add-opens java.base/java.lang.reflect=ALL-UNNAMED --add-opens java.base/java.text=ALL-UNNAMED --add-opens java.desktop/java.awt.font=ALL-UNNAMED"
  - xvfb-run --server-args="-screen 0 1920x1080x24" mvn clean install -Dtest=no -DfailIfNoTests=false -Dmaven.test.failure.ignore=true -Dmaven.wagon.http.ssl.insecure=true -Dmaven.wagon.http.ssl.allowall=true -Dmaven.javadoc.skip=true -B -V -Ddatabase.port=5433 -Dhttps.protocols=TLSv1.2 -q '-Dtest=!**.*ITest*'
  - mvn org.sonarsource.scanner.maven:sonar-maven-plugin:3.9.0.2155:sonar -Dmaven.wagon.http.ssl.insecure=true -Dmaven.wagon.http.ssl.allowall=true -Dhttps.protocols=TLSv1.2
  - #cd cia-dist-cloudformation/src/main/config/
  - #chmod a+x *.sh
  - #./cfn-cloudformation-flip.sh
  - #"./generate-cloudformation-doc.sh
 
after_success:
  - bash <(curl -s https://copilot.blackducksoftware.com/ci/travis/scripts/upload)
  - fossa init
  - fossa analyze