build: generate and attach CycloneDX SBOM

2024-06-29 10:30:25 +02:00
parent 5f1f94f59c
commit 1a18e6b73b
2 changed files with 26 additions and 0 deletions
--- a/pom.xml
+++ b/pom.xml
@ -179,6 +179,11 @@
                        </argLine>
                    </configuration>
                </plugin>
+                <plugin>
+                    <groupId>org.cyclonedx</groupId>
+                    <artifactId>cyclonedx-maven-plugin</artifactId>
+                    <version>2.8.0</version>
+                </plugin>
                <plugin>
                    <groupId>org.jacoco</groupId>
                    <artifactId>jacoco-maven-plugin</artifactId>
@ -244,6 +249,26 @@
            </build>
        </profile>

+        <profile>
+            <id>sbom</id>
+            <build>
+                <plugins>
+                    <plugin>
+                        <groupId>org.cyclonedx</groupId>
+                        <artifactId>cyclonedx-maven-plugin</artifactId>
+                        <executions>
+                            <execution>
+                                <phase>package</phase>
+                                <goals>
+                                    <goal>makeBom</goal>
+                                </goals>
+                            </execution>
+                        </executions>
+                    </plugin>
+                </plugins>
+            </build>
+        </profile>
+
        <profile>
            <id>sign</id>
            <build>