From e4a19f4622f40b35f59aaf8cc004b1d0111f2302 Mon Sep 17 00:00:00 2001
From: ronanbrowne88 <ronan.browne@r3.com>
Date: Sun, 10 Jul 2022 19:33:37 +0100
Subject: [PATCH 1/2] INFRA-1805 add snyk scanning to corda os 4.4

---
 .ci/dev/regression/Jenkinsfile | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/.ci/dev/regression/Jenkinsfile b/.ci/dev/regression/Jenkinsfile
index 8c7031f85f..8a40dd814e 100644
--- a/.ci/dev/regression/Jenkinsfile
+++ b/.ci/dev/regression/Jenkinsfile
@@ -81,6 +81,7 @@ pipeline {
         CORDA_ARTIFACTORY_USERNAME = "${env.ARTIFACTORY_CREDENTIALS_USR}"
         DOCKER_URL = "https://index.docker.io/v1/"
         EMAIL_RECIPIENTS = credentials('corda4-email-recipient')
+        SNYK_API_KEY = "c4-os-snyk"
     }
 
     stages {
@@ -189,6 +190,15 @@ pipeline {
             }
         }
 
+        stage('Snyk Security') {
+            when {
+                expression { isReleaseTag || isReleaseCandidate || isReleaseBranch }
+            }
+            steps {
+                snykSecurityScan("${env.SNYK_API_KEY}", "--all-sub-projects --prune-repeated-subdependencies --debug --target-reference='${env.BRANCH_NAME}' --project-tags=Branch='${env.BRANCH_NAME.replaceAll("[^0-9|a-z|A-Z]+","_")}'")
+            }
+        }
+
         stage('All Tests') {
             when {
                 expression { params.DO_TEST }

From 9425bb5c197051e4b62f8b9a9c8efb742ba9fa0d Mon Sep 17 00:00:00 2001
From: ronanbrowne88 <ronan.browne@r3.com>
Date: Mon, 11 Jul 2022 22:01:25 +0100
Subject: [PATCH 2/2] INFRA-1697 minor tidy up

---
 .ci/dev/regression/Jenkinsfile | 18 ++++++++++++------
 1 file changed, 12 insertions(+), 6 deletions(-)

diff --git a/.ci/dev/regression/Jenkinsfile b/.ci/dev/regression/Jenkinsfile
index 8a40dd814e..f6a3b34f9f 100644
--- a/.ci/dev/regression/Jenkinsfile
+++ b/.ci/dev/regression/Jenkinsfile
@@ -464,14 +464,20 @@ pipeline {
             }
         }
         success {
-            script {
-                sendSlackNotifications("good", "BUILD PASSED", false, "#corda-corda4-open-source-build-notifications")
-            }
+        	script {
+        		sendSlackNotifications("good", "BUILD PASSED", false, "#corda-corda4-open-source-build-notifications")
+                if (isReleaseTag || isReleaseCandidate || isReleaseBranch) {
+                    snykSecurityScan.generateHtmlElements()
+                }
+        	}
         }
         unstable {
-            script {                 
-                sendSlackNotifications("warning", "BUILD UNSTABLE - Unstable Builds are likely a result of Nexus Sonar Scanner violations", false, "#corda-corda4-open-source-build-notifications")                      
-            }
+        	script {
+        		sendSlackNotifications("warning", "BUILD UNSTABLE - Unstable Builds are likely a result of Nexus Sonar Scanner violations", false, "#corda-corda4-open-source-build-notifications")
+                if (isReleaseTag || isReleaseCandidate || isReleaseBranch) {
+                    snykSecurityScan.generateHtmlElements()
+                }
+        	}
         }
         failure {
             script {