echo "XX--- API CLI PR Verification: compliance-checks starts ---XX"

export JFROG_BEARER_TOKEN=$(get_env jfrog_bearer_token)  # account
export AUTH_TOKEN_PRIVATE_REGISTRY=$(get_env jfrog_token)  #npm
export JFROG_APIC_AUTH_TOKEN=$(get_env JFROG_APIC_AUTH_TOKEN)  # account
export JFROG_APIC_BEARER_TOKEN=$(get_env JFROG_APIC_BEARER_TOKEN)  #npm

exit_code=0

/opt/commons/compliance-checks/run.sh \
    'branch-protection' \
    'cra-bom-generate' \
    'cra-vulnerability-scan' \
    'cra-deploy-analysis' || exit_code=$?

if [ "$exit_code" != "0" ]; then
    echo "Compliance check failed (excluding mend-scan)"
    exit 1
fi

echo "Running mend-scan separately..."

/opt/commons/compliance-checks/run.sh 'mend-scan' || echo "Warning: mend-scan failed, but continuing..."

source $WORKSPACE/$PIPELINE_CONFIG_REPO_PATH/scripts/add_label.sh

echo "XX--- API CLI PR Verification: compliance-checks ends ---XX"