File tree Expand file tree Collapse file tree 3 files changed +23
-1
lines changed
Expand file tree Collapse file tree 3 files changed +23
-1
lines changed Original file line number Diff line number Diff line change 2121 - name : Build with Gradle
2222 run : ./gradlew build
2323 - name : Publish to Maven
24- run : ./gradlew publish
24+ run : ./gradlew publish
25+ - name : Generate CycloneDX BOM
26+ run : ./gradlew cyclonedxBom
27+ - name : Strip leading v from tag
28+ if : startsWith(github.ref, 'refs/tags/')
29+ run : echo "VERSION=${GITHUB_REF_NAME#v}" >> "$GITHUB_ENV"
30+ - run : |
31+ echo "Version: $VERSION"
32+ name: Display Version
33+ name : Upload BOM to Dependency-Track
34+ uses : DependencyTrack/gh-upload-sbom@v3
35+ with :
36+ serverhostname : ${{ secrets.DEPENDENCYTRACK_HOSTNAME }}
37+ apikey : ${{ secrets.DEPENDENCYTRACK_APIKEY }}
38+ projectname : " Vulpes Base"
39+ projectversion : ${{ env.VERSION }}
40+ projecttags : ' java,minestom'
41+ bomfilename : " build/reports/cyclonedx/bom.xml"
42+ autocreate : true
43+ parent : ' b82ab979-123b-4b6a-a9db-494ab852eebb'
Original file line number Diff line number Diff line change @@ -3,6 +3,7 @@ plugins {
33 `java- library`
44 `maven- publish`
55 alias(libs.plugins.shadow)
6+ alias(libs.plugins.cyclonedx)
67}
78
89group = " net.onelitefeather"
Original file line number Diff line number Diff line change @@ -26,6 +26,7 @@ dependencyResolutionManagement {
2626 version(" shadow" " 9.3.0"
2727 version(" bom" " 1.6.0"
2828 version(" worldSeed" " 11.5.5"
29+ version(" cyclonedx" " 3.0.1"
2930
3031 library(" mycelium.bom" " net.onelitefeather" " mycelium-bom" " bom"
3132 library(" minestom" " net.minestom" " minestom"
@@ -39,6 +40,7 @@ dependencyResolutionManagement {
3940 library(" worldSeed" " net.worldseed.multipart" " WorldSeedEntityEngine" " worldSeed"
4041
4142 plugin(" shadow" " com.gradleup.shadow" " shadow"
43+ plugin(" cyclonedx" " org.cyclonedx.bom" " cyclonedx"
4244 }
4345 }
4446}
You can’t perform that action at this time.
0 commit comments