From 186cfb180d1cfff8fec2ec593ed17c506d1f2e22 Mon Sep 17 00:00:00 2001
From: Bastian <bastian.heppener@mgm-tp.com>
Date: Mon, 27 Jan 2025 13:57:39 +0100
Subject: [PATCH] ozg-7492 add deploy sbom step

---
 Jenkinsfile | 32 +++++++++++++++++++-------------
 1 file changed, 19 insertions(+), 13 deletions(-)

diff --git a/Jenkinsfile b/Jenkinsfile
index 212182f..de0e362 100644
--- a/Jenkinsfile
+++ b/Jenkinsfile
@@ -92,20 +92,26 @@ pipeline {
 }
 }
 
- stage ('OWASP Dependency-Check Vulnerabilities') {
+ stage ('Deploy SBOM to DependencyTrack') {
+ when {
+ anyOf {
+ branch 'main'
+ branch 'release'
+ }
+ }
 steps {
- dependencyCheck additionalArguments: '''
- -o "./"
- -s "./"
- -f "ALL"
- -d /dependency-check-data
- --suppression dependency-check-supressions.xml
- --noupdate
- --disableKnownExploited
- --disableArchive
- --prettyPrint''', odcInstallation: 'dependency-check-owasp'
-
- dependencyCheckPublisher pattern: 'dependency-check-report.xml'
+ script {
+ IMAGE_TAG = JAR_TAG
+
+ configFileProvider([configFile(fileId: 'maven-settings', variable: 'MAVEN_SETTINGS')]) {
+ withCredentials([string(credentialsId: 'dependency-track-api-key', variable: 'API_KEY')]) {
+
+ catchError(buildResult: 'UNSTABLE', stageResult: 'FAILURE') {
+ sh "mvn --no-transfer-progress -s $MAVEN_SETTINGS io.github.pmckeown:dependency-track-maven-plugin:upload-bom -Ddependency-track.apiKey=$API_KEY -Ddependency-track.projectVersion=${env.BRANCH_NAME} -Ddependency-track.dependencyTrackBaseUrl=https://dependency-track.ozg-sh.de"
+ }
+ }
+ }
+ }
 }
 }
 
-- 
GitLab
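Review bot: The `sh` step in the new 'Deploy SBOM to DependencyTrack' stage builds its command in a double-quoted Groovy string, so `$API_KEY` from `withCredentials` is interpolated by Groovy before the shell runs; Jenkins documents this pattern as insecure because the secret becomes part of the command text instead of being read from the environment. Use a single-quoted string so the shell expands the variables: `sh 'mvn --no-transfer-progress -s "$MAVEN_SETTINGS" io.github.pmckeown:dependency-track-maven-plugin:upload-bom -Ddependency-track.apiKey="$API_KEY" -Ddependency-track.projectVersion="$BRANCH_NAME" -Ddependency-track.dependencyTrackBaseUrl=https://dependency-track.ozg-sh.de'`. The plugin goal is also invoked without a version, so Maven resolves whatever release is current while the API key is in scope; pinning it as `io.github.pmckeown:dependency-track-maven-plugin:<PINNED_VERSION>:upload-bom` keeps the step reproducible and reviewable. `IMAGE_TAG = JAR_TAG` is not used anywhere in this stage as far as the hunk shows (JAR_TAG is defined outside it), so it can probably be dropped.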