author | Julien Carsique <julien.carsique@sonarsource.com> | 2022-04-11 10:10:08 +0200 |
---|---|---|
committer | sonartech <sonartech@sonarsource.com> | 2022-05-24 20:10:14 +0000 |
commit | 251e1fa5c7bb38ce93dc426ae2e395d44819f721 (patch) | |
tree | 313028337403b141bac1aaf9d0a88941f7faa502 /sonar-application | |
parent | aaf931d953e0610e875b24fd21069157330b8965 (diff) | |
feat(BUILD-1436): sbom plugin
Diffstat (limited to 'sonar-application')
-rw-r--r-- | sonar-application/build.gradle | 24 | ||||
-rw-r--r-- | sonar-application/bundled_plugins.gradle | 34 |
2 files changed, 40 insertions, 18 deletions
diff --git a/sonar-application/build.gradle b/sonar-application/build.gradle
index 6c33d0cb04a..d6316dfa401 100644
--- a/sonar-application/build.gradle
+++ b/sonar-application/build.gradle
@@ -6,6 +6,7 @@ plugins {
 id "com.github.hierynomus.license-report"
 id "com.github.johnrengelman.shadow"
 id "de.undercouch.download"
+ id "org.cyclonedx.bom"
 }
 sonarqube {
@@ -32,8 +33,12 @@ configurations {
 bundledPlugin {
 transitive = false
 }
-
+ bundledPlugin_deps {
+ extendsFrom bundledPlugin
+ transitive = true
+ }
 appLicenses.extendsFrom(compile, web, scanner, jsw, jdbc_mssql, jdbc_postgresql, jdbc_h2)
+ cyclonedx
 }
 jar.enabled = false
@@ -63,6 +68,7 @@ dependencies {
 jsw 'tanukisoft:wrapper:3.2.3'
 scanner project(path: ':sonar-scanner-engine-shaded', configuration: 'shadow')
+ cyclonedx project(path: ':sonar-scanner-engine-shaded')
 web project(':server:sonar-web')
 shutdowner project(':sonar-shutdowner')
@@ -307,10 +313,26 @@ artifacts { zip zip }
 artifactoryPublish.skip = false
+def bomFile = layout.buildDirectory.file('reports/bom.json')
+cyclonedxBom {
+ includeConfigs += ["runtimeClasspath", "jsw", "web", "shutdowner", "jdbc_mssql", "jdbc_postgresql", "jdbc_h2", "bundledPlugin_deps",
+ "cyclonedx"]
+ outputs.file bomFile
+ outputs.upToDateWhen { false }
+}
+def bomArtifact = artifacts.add('archives', bomFile.get().asFile) {
+ type 'json'
+ classifier 'cyclonedx'
+ builtBy 'cyclonedxBom'
+}
+
 publishing {
 publications {
 mavenJava(MavenPublication) {
 artifact zip
 }
+ mavenJava(MavenPublication) {
+ artifact bomArtifact
+ }
 }
 }
diff --git a/sonar-application/bundled_plugins.gradle b/sonar-application/bundled_plugins.gradle
index 0b9c387f89e..2704e429a55 100644
--- a/sonar-application/bundled_plugins.gradle
+++ b/sonar-application/bundled_plugins.gradle
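Review bot: Nothing in the `configurations` hunk says that `bundledPlugin_deps` and `cyclonedx` exist only as inputs to the SBOM task, so they read like configurations that feed the distribution. A short comment above each would stop someone later packaging them or deleting them as unused, for example `// SBOM input only: bundled plugins plus their transitive dependencies`. The same applies to `cyclonedx project(path: ':sonar-scanner-engine-shaded')` in the `dependencies` hunk, which presumably selects the default configuration instead of `shadow` so that the individual libraries are listed; that intent should be confirmed and written next to the line. Both enclosing blocks start and end outside their hunks.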
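Review bot: The `publications` block now declares `mavenJava(MavenPublication)` twice, and publication names are expected to be unique, so the second declaration may be rejected at configuration time or at best relies on Gradle treating it as a reconfiguration of the first; the hunk does not show which. Putting both artifacts in the existing block avoids the question: `artifact zip` followed by `artifact bomArtifact` inside the one `mavenJava(MavenPublication) { ... }`. Separately, `includeConfigs` is a hand-maintained list, so a configuration added to the distribution later would be missing from the published SBOM unless someone remembers to add it here; a comment such as `// keep in sync with the configurations packaged into the zip` would make that dependency visible. `outputs.upToDateWhen { false }` also deserves a one-line reason for forcing the task to rerun on every build.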
@@ -1,19 +1,19 @@
 dependencies {
- bundledPlugin "org.sonarsource.dotnet:sonar-csharp-plugin@jar"
- bundledPlugin "org.sonarsource.dotnet:sonar-vbnet-plugin@jar"
- bundledPlugin 'org.sonarsource.flex:sonar-flex-plugin@jar'
- bundledPlugin 'org.sonarsource.html:sonar-html-plugin@jar'
- bundledPlugin 'org.sonarsource.java:sonar-java-plugin@jar'
- bundledPlugin 'org.sonarsource.jacoco:sonar-jacoco-plugin@jar'
- bundledPlugin 'org.sonarsource.javascript:sonar-javascript-plugin@jar'
- bundledPlugin 'org.sonarsource.php:sonar-php-plugin@jar'
- bundledPlugin 'org.sonarsource.python:sonar-python-plugin@jar'
- bundledPlugin 'org.sonarsource.slang:sonar-go-plugin@jar'
- bundledPlugin "org.sonarsource.kotlin:sonar-kotlin-plugin@jar"
- bundledPlugin "org.sonarsource.slang:sonar-ruby-plugin@jar"
- bundledPlugin "org.sonarsource.slang:sonar-scala-plugin@jar"
- bundledPlugin 'org.sonarsource.xml:sonar-xml-plugin@jar'
- bundledPlugin 'org.sonarsource.config:sonar-config-plugin@jar'
- bundledPlugin 'org.sonarsource.iac:sonar-iac-plugin@jar'
- bundledPlugin 'org.sonarsource.text:sonar-text-plugin@jar'
+ bundledPlugin "org.sonarsource.dotnet:sonar-csharp-plugin"
+ bundledPlugin "org.sonarsource.dotnet:sonar-vbnet-plugin"
+ bundledPlugin 'org.sonarsource.flex:sonar-flex-plugin'
+ bundledPlugin 'org.sonarsource.html:sonar-html-plugin'
+ bundledPlugin 'org.sonarsource.java:sonar-java-plugin'
+ bundledPlugin 'org.sonarsource.jacoco:sonar-jacoco-plugin'
+ bundledPlugin 'org.sonarsource.javascript:sonar-javascript-plugin'
+ bundledPlugin 'org.sonarsource.php:sonar-php-plugin'
+ bundledPlugin 'org.sonarsource.python:sonar-python-plugin'
+ bundledPlugin 'org.sonarsource.slang:sonar-go-plugin'
+ bundledPlugin "org.sonarsource.kotlin:sonar-kotlin-plugin"
+ bundledPlugin "org.sonarsource.slang:sonar-ruby-plugin"
+ bundledPlugin "org.sonarsource.slang:sonar-scala-plugin"
+ bundledPlugin 'org.sonarsource.xml:sonar-xml-plugin'
+ bundledPlugin 'org.sonarsource.config:sonar-config-plugin'
+ bundledPlugin 'org.sonarsource.iac:sonar-iac-plugin'
+ bundledPlugin 'org.sonarsource.text:sonar-text-plugin'
 } |
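Review bot: With `@jar` removed, these coordinates no longer restrict resolution to the jar artifact, so what ends up in the distribution now depends on `transitive = false` staying on the `bundledPlugin` configuration in build.gradle. That coupling is invisible from this file; a comment at the top of the block would record it, e.g. `// no @jar: bundledPlugin_deps resolves these modules transitively for the SBOM; bundledPlugin itself must stay non-transitive`. It is also worth confirming that the set of files resolved for `bundledPlugin` is the same before and after this change, since artifact selection now comes from each module's published metadata.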