Merge branch 'ozg-7492-sbom-dependency-tracker' into 'main'

Ozg 7492 sbom dependency tracker

See merge request !1

Jenkinsfile

@@ -92,20 +92,23 @@ pipeline {
             }
         }
 
-        stage ('OWASP Dependency-Check Vulnerabilities') {
+        stage ('Deploy SBOM to DependencyTrack') {
+            when {
+                anyOf {
+                    branch 'main'
+                    branch 'release'
+                }
+            }
             steps {
-                    dependencyCheck additionalArguments: ''' 
-                        -o "./" 
-                        -s "./"
-                        -f "ALL" 
-                        -d /dependency-check-data
-                        --suppression dependency-check-supressions.xml
-                        --noupdate
-                        --disableKnownExploited
-                        --disableArchive
-                        --prettyPrint''', odcInstallation: 'dependency-check-owasp'
-
-                    dependencyCheckPublisher pattern: 'dependency-check-report.xml'
+                script {
+                    configFileProvider([configFile(fileId: 'maven-settings', variable: 'MAVEN_SETTINGS')]) {
+                        withCredentials([string(credentialsId: 'dependency-track-api-key', variable: 'API_KEY')]) {
+                            catchError(buildResult: 'UNSTABLE', stageResult: 'FAILURE') {
+                                sh "mvn  --no-transfer-progress -s $MAVEN_SETTINGS io.github.pmckeown:dependency-track-maven-plugin:upload-bom -Ddependency-track.apiKey=$API_KEY -Ddependency-track.projectVersion=${env.BRANCH_NAME} -Ddependency-track.dependencyTrackBaseUrl=https://dependency-track.ozg-sh.de"
+                            }
+                        }
+                    }
+                }
             }
         }