pipeline {
    agent none
    options {
        timeout(time: 7, unit: 'HOURS')
    }
    triggers {
        cron('H 3 * * *')
    }

    stages {
        stage('Run the scan') {
            agent {
                docker {
                    label 'Jenkins-Agent-AL2-X64-C54xlarge-Docker-Host'
                    image 'opensearchstaging/ci-runner:centos7-x64-arm64-jdkmulti-node10.24.1-cypress6.9.1-20211028'
                    args '-e LANG=en_US.UTF-8'
                    registryUrl 'https://public.ecr.aws/'
                    alwaysPull true
                }
            }
            steps {
                script {
                    withCredentials([string(credentialsId: 'jenkins-whitesource-scan-apikey', variable: 'wss_apikey')]) {
                        echo 'Executing WhiteSource Scan script'
                        scan()
                    }
                }
            }
            post() {
                always {
                    cleanWs disableDeferredWipeout: true, deleteDirs: true
                }
            }
        }
    }
    post() {
        success {
            echo "WhiteSource scan has been completed."
        }
        failure {
            echo "WhiteSource scan failed."
        }
    }
}

void scan() {
    sh """
        curl -SLO https://services.gradle.org/distributions/gradle-7.4.2-bin.zip
        unzip gradle-7.4.2-bin.zip
        GRADLE_HOME=`realpath gradle-7.4.2`
        export PATH=\${GRADLE_HOME}/bin:\$PATH
        gradle --version
        cd ./tools/vulnerability-scan/
        ./wss-scan.sh
    """
}