Add experimental CycloneDX SBOM support
Malax committed Sep 13, 2023
1 parent 78c310b commit 1e421c5
Showing 6 changed files with 280 additions and 5 deletions.
172 changes: 167 additions & 5 deletions Cargo.lock

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 2 additions & 0 deletions buildpacks/maven/Cargo.toml
Expand Up @@ -21,3 +21,5 @@ tar = "0.4.39"
libcnb-test.workspace = true
java-properties = "2"
buildpacks-jvm-shared-test.workspace = true
serde-cyclonedx = "0.8.4"
serde_json = "1.0.104"
1 change: 1 addition & 0 deletions buildpacks/maven/buildpack.toml
Expand Up @@ -8,6 +8,7 @@ clear-env = true
homepage = "https://github.com/heroku/buildpacks-jvm"
description = "Official Heroku buildpack for Maven applications."
keywords = ["java", "maven", "mvn"]
sbom-formats = ["application/vnd.cyclonedx+json"]

[[buildpack.licenses]]
type = "BSD-3-Clause"
27 changes: 27 additions & 0 deletions buildpacks/maven/src/main.rs
Expand Up @@ -36,6 +36,8 @@ use std::process::{Command, ExitStatus};
use buildpacks_jvm_shared_test as _;
#[cfg(test)]
use java_properties as _;
use libcnb::data::sbom::SbomFormat;
use libcnb::sbom::Sbom;
#[cfg(test)]
use libcnb_test as _;

Expand Down Expand Up @@ -267,8 +269,33 @@ impl Buildpack for MavenBuildpack {
MavenBuildpackError::MavenBuildUnexpectedExitCode,
)?;

util::run_command(
Command::new(&mvn_executable)
.current_dir(&context.app_dir)
.args(
maven_options.iter().chain(&internal_maven_options).chain(
[
String::from("-DoutputDirectory=bom/"),
String::from("org.cyclonedx:cyclonedx-maven-plugin:makeAggregateBom"),
]
.iter(),
),
)
.envs(&mvn_env),
MavenBuildpackError::MavenBuildIoError,
MavenBuildpackError::MavenBuildUnexpectedExitCode,
)?;

let mut build_result_builder = BuildResultBuilder::new();

build_result_builder = build_result_builder.launch_sbom(
Sbom::from_path(
SbomFormat::CycloneDxJson,
context.app_dir.join("bom/bom.json"),
)
.unwrap(),
);

if let Some(process) = framework::default_app_process(&context.app_dir)
.map_err(MavenBuildpackError::DefaultAppProcessError)?
{
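Review bot: The `.unwrap()` on `Sbom::from_path(...)` inside the new `launch_sbom` call panics the buildpack whenever `bom/bom.json` is missing or unreadable, instead of returning a buildpack error the way the two `util::run_command` calls above it do. That can happen even after the plugin run exits successfully, for example if the application's POM configures the CycloneDX plugin with a different output location or format (inferred; how the plugin resolves those settings is not visible here). Propagate the failure through a dedicated variant, e.g. `.map_err(MavenBuildpackError::SbomReadError)?`, where `SbomReadError` is a placeholder name for a new variant. Separately, `org.cyclonedx:cyclonedx-maven-plugin:makeAggregateBom` carries no version, so Maven chooses the plugin version at build time; pinning it as `org.cyclonedx:cyclonedx-maven-plugin:<PINNED_VERSION>:makeAggregateBom` keeps the tool that generates the SBOM reproducible and reviewable. The enclosing `build` function starts and ends outside the hunk.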
1 change: 1 addition & 0 deletions buildpacks/maven/tests/integration/main.rs
Expand Up @@ -13,6 +13,7 @@ mod caching;
mod customization;
mod misc;
mod polyglot;
mod sbom;
mod settings_xml;
mod smoke;
mod versions;