• Home
• io.github.pmckeown
• dependency-track-maven-plugin
• 0.2.2
• source code
• UploadBomMojo.java

×

Project download

Many resources are needed to download a project. Please understand that we have to compensate our server costs. Thank you in advance.
Project price only 1 $

You can buy this project and download/modify it how often you want.

io.github.pmckeown.mojo.bom.UploadBomMojo Maven / Gradle / Ivy

package io.github.pmckeown.mojo.bom;


import io.github.pmckeown.mojo.AbstractDependencyTrackMojo;
import io.github.pmckeown.rest.model.Bom;
import io.github.pmckeown.rest.model.Response;
import io.github.pmckeown.util.BomEncoder;
import org.apache.maven.plugin.MojoFailureException;
import org.apache.maven.plugins.annotations.LifecyclePhase;
import org.apache.maven.plugins.annotations.Mojo;
import org.apache.maven.plugins.annotations.Parameter;

import java.util.Optional;

/**
 * Provides the capability to upload a Bill of Material (BOM) to your Dependency Track server.
 *
 * The BOM may any format supported by your Dependency Track server, has only been tested with the output from the
 * cyclonedx-maven-plugin in the
 * CycloneDX format
 *
 * Specific configuration options are:
 * 

 *     
bomLocation
 * 
 *
 * @author Paul McKeown
 */
@Mojo(name = "upload-bom", defaultPhase = LifecyclePhase.VERIFY)
public class UploadBomMojo extends AbstractDependencyTrackMojo {

    @Parameter(required = true, defaultValue = "target/bom.xml")
    private String bomLocation;

    private BomEncoder bomEncoder = new BomEncoder();

    public void execute() throws MojoFailureException {
        debug("Current working directory: %s", System.getProperty("user.dir"));
        debug("looking for bom.xml at %s", bomLocation);

        Optional encodedBomOptional = bomEncoder.encodeBom(bomLocation);

        boolean uploadFailed = false;

        if (encodedBomOptional.isPresent()) {
            info("Project Name: %s", projectName);
            info("Project Version: %s", projectVersion);

            debug("Base64 Encoded BOM: ", encodedBomOptional.get());

            Bom bom = new Bom(projectName, projectVersion, true, encodedBomOptional.get());
            Response response = dependencyTrackClient().uploadBom(bom);
            debug(response.toString());

            if (response.isSuccess()) {
                info("Bom uploaded to Dependency Track server");
            } else {
                uploadFailed = true;
                error("Failure integrating with Dependency Track.");
                error("Status: %d", response.getStatus());
                error("Status Text: %s", response.getStatusText());
            }

        } else {
            uploadFailed = true;
            error("No bom.xml could be located at: %s", bomLocation);
        }

        if (shouldFailOnError() && uploadFailed) {
            throw new MojoFailureException("Bom upload failed");
        }
    }

    /*
     * Setters for dependency injection in tests
     */
    void setBomLocation(String bomLocation) {
        this.bomLocation = bomLocation;
    }

    void setBomEncoder(BomEncoder bomEncoder) {
        this.bomEncoder = bomEncoder;
    }
}