attempting to get coverity to scan via the matrix only when a cron job occurs

.travis.yml

@@ -3,11 +3,22 @@ jdk: oraclejdk7
 script: mvn install -DreleaseTesting
 env:
   global:
-    secure: ZUzhWfpXJw/oAeDlUkDFkEJMT0T7kCN3d7ah8urkL2B0KFfKOqQagkbXkgvDa1SYud8VdcnoGa69LfkEr5IrdqW7R4bEYZAiN5swm4Z0iO8t53szVspm2f+O9jQ44O/sfOfpfLxWUUuhdc7Vbrszp+tSszxdPmssWL+f5a/mfWs=
+  - secure: ZUzhWfpXJw/oAeDlUkDFkEJMT0T7kCN3d7ah8urkL2B0KFfKOqQagkbXkgvDa1SYud8VdcnoGa69LfkEr5IrdqW7R4bEYZAiN5swm4Z0iO8t53szVspm2f+O9jQ44O/sfOfpfLxWUUuhdc7Vbrszp+tSszxdPmssWL+f5a/mfWs=
-
+  - secure: pmFymoI7qH0Kna3NkcHrqLiTVWKmrhwqA4Z9U6XLhWDQxcs5g94wCCKpGB6Lkz9mkvRxBRFpZZelnXJa9W9mnuVOMIa5tQfS5gBuaNXOe7AXXdc+Y2975OR9sSfvf16FxLFvNJILmZq+bpMLs+EXaQvjYQHW2O6OWZdLhAPVG6A=
 before_install:
-  - sudo apt-get install jq
+- wget -O ~/codacy-coverage-reporter-assembly.jar https://oss.sonatype.org/service/local/repositories/releases/content/com/codacy/codacy-coverage-reporter/1.0.13/codacy-coverage-reporter-1.0.13-assembly.jar
-  - wget -O ~/codacy-coverage-reporter-assembly.jar https://oss.sonatype.org/service/local/repositories/releases/content/com/codacy/codacy-coverage-reporter/1.0.13/codacy-coverage-reporter-1.0.13-assembly.jar 
-
 after_success:
-  - java -cp ~/codacy-coverage-reporter-assembly.jar com.codacy.CodacyCoverageReporter -l Java -r build-reporting/target/coverage-reports/jacoco.xml
+- java -cp ~/codacy-coverage-reporter-assembly.jar com.codacy.CodacyCoverageReporter
+  -l Java -r build-reporting/target/coverage-reports/jacoco.xml
+matrix:
+  include:
+  - env: CRON_ONLY=1
+    addons:
+      coverity_scan:
+        project:
+          name: OWASP dependency-check
+          version: 1.0
+          description: A software composition analsis tools that detects publicly
+            disclosed vulnerabilities in application dependencies.
+        build_command: mvn -DskipTests=true package
+        branch_pattern: master