Commit c8e36f29 authored by OZGCloud's avatar OZGCloud

Merge remote-tracking branch 'origin/master' into OZG-6472-upgrade-to-keycloak24

parents 489f3817 e2b5e58e
...@@ -127,23 +127,27 @@ pipeline { ...@@ -127,23 +127,27 @@ pipeline {
} }
} }
stage ('OWASP Dependency-Check Vulnerabilities') { stage ('Deploy SBOM to DependencyTrack') {
steps { steps {
dependencyCheck additionalArguments: ''' script {
-o "./" IMAGE_TAG = generateImageTag()
-s "./"
-f "ALL" configFileProvider([configFile(fileId: 'maven-settings', variable: 'MAVEN_SETTINGS')]) {
-d /dependency-check-data withCredentials([string(credentialsId: 'dependency-track-api-key', variable: 'API_KEY')]) {
--suppression dependency-check-supressions.xml
--disableKnownExploited dir('user-manager-server') {
--noupdate
--disableArchive catchError(buildResult: 'UNSTABLE', stageResult: 'FAILURE') {
--prettyPrint''', odcInstallation: 'dependency-check-owasp' sh "mvn --no-transfer-progress -s $MAVEN_SETTINGS io.github.pmckeown:dependency-track-maven-plugin:upload-bom -Ddependency-track.apiKey=$API_KEY -Ddependency-track.projectVersion=${IMAGE_TAG} -Ddependency-track.dependencyTrackBaseUrl=https://dependency-track.ozg-sh.de"
}
dependencyCheckPublisher pattern: 'dependency-check-report.xml' }
}
}
}
} }
} }
stage('Sonar Checks') { stage('Sonar Checks') {
when { when {
branch 'master' branch 'master'
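Review bot: The new `sh` step builds its command in a double-quoted Groovy string, so `$API_KEY` from `withCredentials` is interpolated by Groovy before the shell runs. The secret then becomes part of the command text rather than being read from the environment, which is the pattern Jenkins warns about for credentials. A single-quoted string lets the shell expand it, with the tag passed through the environment: `withEnv(["IMAGE_TAG=${IMAGE_TAG}"]) { sh 'mvn ... -Ddependency-track.apiKey=$API_KEY -Ddependency-track.projectVersion=$IMAGE_TAG ...' }`. Separately, `catchError(buildResult: 'UNSTABLE', stageResult: 'FAILURE')` means a failed upload only marks the build unstable, so confirm that someone is alerted when this stage fails, since it replaces the dependency-check stage. The pipeline continues outside this hunk.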
......
...@@ -29,13 +29,13 @@ ...@@ -29,13 +29,13 @@
<parent> <parent>
<groupId>de.ozgcloud.common</groupId> <groupId>de.ozgcloud.common</groupId>
<artifactId>ozgcloud-common-dependencies</artifactId> <artifactId>ozgcloud-common-dependencies</artifactId>
<version>4.3.1</version> <version>4.3.2</version>
</parent> </parent>
<modelVersion>4.0.0</modelVersion> <modelVersion>4.0.0</modelVersion>
<groupId>de.ozgcloud.user</groupId> <groupId>de.ozgcloud.user</groupId>
<artifactId>user-manager</artifactId> <artifactId>user-manager</artifactId>
<version>2.7.0-SNAPSHOT</version> <version>2.8.0-SNAPSHOT</version>
<name>OZG-Cloud User Manager</name> <name>OZG-Cloud User Manager</name>
<packaging>pom</packaging> <packaging>pom</packaging>
...@@ -55,6 +55,11 @@ ...@@ -55,6 +55,11 @@
<maven-failsafe-plugin.version>3.2.5</maven-failsafe-plugin.version> <maven-failsafe-plugin.version>3.2.5</maven-failsafe-plugin.version>
<git-commit-id-maven-plugin.version>7.0.0</git-commit-id-maven-plugin.version> <git-commit-id-maven-plugin.version>7.0.0</git-commit-id-maven-plugin.version>
<maven-source.plugin.version>3.3.0</maven-source.plugin.version> <maven-source.plugin.version>3.3.0</maven-source.plugin.version>
<!-- TODO move to common-dependencies -->
<dependency-track-maven-plugin.version>1.7.0</dependency-track-maven-plugin.version>
<cyclonedx-maven-plugin.version>2.7.11</cyclonedx-maven-plugin.version>
</properties> </properties>
<modules> <modules>
...@@ -233,7 +238,36 @@ ...@@ -233,7 +238,36 @@
</execution> </execution>
</executions> </executions>
</plugin> </plugin>
<plugin>
<groupId>io.github.pmckeown</groupId>
<artifactId>dependency-track-maven-plugin</artifactId>
<version>${dependency-track-maven-plugin.version}</version>
<configuration>
<dependencyTrackBaseUrl>https://dependency-track.ozg-sh.de</dependencyTrackBaseUrl>
<failOnError>true</failOnError>
<createProject>true</createProject>
</configuration>
</plugin>
</plugins> </plugins>
</pluginManagement> </pluginManagement>
<plugins>
<plugin>
<groupId>org.cyclonedx</groupId>
<artifactId>cyclonedx-maven-plugin</artifactId>
<version>${cyclonedx-maven-plugin.version}</version>
<executions>
<execution>
<phase>package</phase>
<goals>
<goal>makeAggregateBom</goal>
</goals>
</execution>
</executions>
</plugin>
</plugins>
</build> </build>
</project> </project>
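Review bot: Nothing in the added `cyclonedx-maven-plugin` execution documents that the Jenkins upload stage depends on its output. That stage invokes only the `upload-bom` goal from inside `user-manager-server`, so it presumably relies on a BOM file written by an earlier `package` run. Note also that `makeAggregateBom` is declared on the root project, so check whether the BOM uploaded from the server module is the aggregate one you intend to track. I would give the execution an `<id>` and add a comment such as `<!-- generates the CycloneDX BOM uploaded by the 'Deploy SBOM to DependencyTrack' Jenkins stage -->`. The `dependencyTrackBaseUrl` is also hard-coded here and repeated on the Jenkins command line; a single property would prevent the two from drifting apart.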
...@@ -30,7 +30,7 @@ ...@@ -30,7 +30,7 @@
<parent> <parent>
<groupId>de.ozgcloud.user</groupId> <groupId>de.ozgcloud.user</groupId>
<artifactId>user-manager</artifactId> <artifactId>user-manager</artifactId>
<version>2.7.0-SNAPSHOT</version> <version>2.8.0-SNAPSHOT</version>
</parent> </parent>
<artifactId>user-manager-interface</artifactId> <artifactId>user-manager-interface</artifactId>
......
...@@ -30,7 +30,7 @@ ...@@ -30,7 +30,7 @@
<parent> <parent>
<groupId>de.ozgcloud.user</groupId> <groupId>de.ozgcloud.user</groupId>
<artifactId>user-manager</artifactId> <artifactId>user-manager</artifactId>
<version>2.7.0-SNAPSHOT</version> <version>2.8.0-SNAPSHOT</version>
</parent> </parent>
<artifactId>user-manager-server</artifactId> <artifactId>user-manager-server</artifactId>
......