From 839d869137363a4a061d4158471a79eeaee25b38 Mon Sep 17 00:00:00 2001
From: Jeremy Long <jeremy.long@gmail.com>
Date: Fri, 2 Jun 2017 06:20:01 -0400
Subject: [PATCH] attempting to get coverity to scan via the matrix only when a
 cron job occurs

---
 .travis.yml | 23 +++++++++++++++++------
 1 file changed, 17 insertions(+), 6 deletions(-)

diff --git a/.travis.yml b/.travis.yml
index cc3c56072..ed2f38e1a 100644
--- a/.travis.yml
+++ b/.travis.yml
@@ -3,11 +3,22 @@ jdk: oraclejdk7
 script: mvn install -DreleaseTesting
 env:
   global:
-    secure: ZUzhWfpXJw/oAeDlUkDFkEJMT0T7kCN3d7ah8urkL2B0KFfKOqQagkbXkgvDa1SYud8VdcnoGa69LfkEr5IrdqW7R4bEYZAiN5swm4Z0iO8t53szVspm2f+O9jQ44O/sfOfpfLxWUUuhdc7Vbrszp+tSszxdPmssWL+f5a/mfWs=
-
+  - secure: ZUzhWfpXJw/oAeDlUkDFkEJMT0T7kCN3d7ah8urkL2B0KFfKOqQagkbXkgvDa1SYud8VdcnoGa69LfkEr5IrdqW7R4bEYZAiN5swm4Z0iO8t53szVspm2f+O9jQ44O/sfOfpfLxWUUuhdc7Vbrszp+tSszxdPmssWL+f5a/mfWs=
+  - secure: pmFymoI7qH0Kna3NkcHrqLiTVWKmrhwqA4Z9U6XLhWDQxcs5g94wCCKpGB6Lkz9mkvRxBRFpZZelnXJa9W9mnuVOMIa5tQfS5gBuaNXOe7AXXdc+Y2975OR9sSfvf16FxLFvNJILmZq+bpMLs+EXaQvjYQHW2O6OWZdLhAPVG6A=
 before_install:
-  - sudo apt-get install jq
-  - wget -O ~/codacy-coverage-reporter-assembly.jar https://oss.sonatype.org/service/local/repositories/releases/content/com/codacy/codacy-coverage-reporter/1.0.13/codacy-coverage-reporter-1.0.13-assembly.jar 
-
+- wget -O ~/codacy-coverage-reporter-assembly.jar https://oss.sonatype.org/service/local/repositories/releases/content/com/codacy/codacy-coverage-reporter/1.0.13/codacy-coverage-reporter-1.0.13-assembly.jar
 after_success:
-  - java -cp ~/codacy-coverage-reporter-assembly.jar com.codacy.CodacyCoverageReporter -l Java -r build-reporting/target/coverage-reports/jacoco.xml
+- java -cp ~/codacy-coverage-reporter-assembly.jar com.codacy.CodacyCoverageReporter
+  -l Java -r build-reporting/target/coverage-reports/jacoco.xml
+matrix:
+  include:
+  - env: CRON_ONLY=1
+    addons:
+      coverity_scan:
+        project:
+          name: OWASP dependency-check
+          version: 1.0
+          description: A software composition analsis tools that detects publicly
+            disclosed vulnerabilities in application dependencies.
+        build_command: mvn -DskipTests=true package
+        branch_pattern: master