From 88db1fa571802f957ea3fc1aebd5b5ccc6cb4e6b Mon Sep 17 00:00:00 2001
From: OZGCloud <ozgcloud@mgm-tp.com>
Date: Wed, 10 Apr 2024 22:14:11 +0200
Subject: [PATCH] OZG-4833 add sbom

---
 ozgcloud-common-parent/pom.xml | 29 +++++++++++++++++++++++++++++
 1 file changed, 29 insertions(+)

diff --git a/ozgcloud-common-parent/pom.xml b/ozgcloud-common-parent/pom.xml
index 465cd2a..6563728 100644
--- a/ozgcloud-common-parent/pom.xml
+++ b/ozgcloud-common-parent/pom.xml
@@ -65,6 +65,9 @@
 
 		<!--overriden for issue CVE-2021-26291-->
 		<git-commit-id-maven-plugin.version>7.0.0</git-commit-id-maven-plugin.version>
+
+		<dependency-track-maven-plugin.version>1.7.0</dependency-track-maven-plugin.version>
+		<cyclonedx-maven-plugin.version>2.7.11</cyclonedx-maven-plugin.version>
 	</properties>
 
 	<dependencyManagement>
@@ -336,6 +339,18 @@
 						</dependency>
 					</dependencies>
 				</plugin>
+
+				<plugin>
+					<groupId>io.github.pmckeown</groupId>
+					<artifactId>dependency-track-maven-plugin</artifactId>
+					<version>${dependency-track-maven-plugin.version}</version>
+					<configuration>
+						<dependencyTrackBaseUrl>https://dependency-track.ozg-sh.de</dependencyTrackBaseUrl>
+						<verifySsl>false</verifySsl>
+						<failOnError>true</failOnError>
+						<createProject>true</createProject>
+					</configuration>
+				</plugin>
 			</plugins>
 		</pluginManagement>
 
@@ -345,6 +360,20 @@
 				<artifactId>rewrite-maven-plugin</artifactId>
 				<version>${rewrite.plugin.version}</version>
 			</plugin>
+
+			<plugin>
+				<groupId>org.cyclonedx</groupId>
+				<artifactId>cyclonedx-maven-plugin</artifactId>
+				<version>${cyclonedx-maven-plugin.version}</version>
+				<executions>
+					<execution>
+						<phase>package</phase>
+						<goals>
+							<goal>makeAggregateBom</goal>
+						</goals>
+					</execution>
+				</executions>
+			</plugin>
 		</plugins>
 	</build>
 
-- 
GitLab