From f0e257890445d537713c897e827a80f2b2752387 Mon Sep 17 00:00:00 2001 From: Manuel Fuchs Date: Mon, 30 Sep 2024 13:39:39 +0200 Subject: [PATCH] Move SBOM feature behind env var feature flag --- buildpacks/maven/src/main.rs | 58 ++++++++++++---------- buildpacks/maven/tests/integration/sbom.rs | 2 +- 2 files changed, 34 insertions(+), 26 deletions(-) diff --git a/buildpacks/maven/src/main.rs b/buildpacks/maven/src/main.rs index c7a0b6ca..0de4bb54 100644 --- a/buildpacks/maven/src/main.rs +++ b/buildpacks/maven/src/main.rs @@ -251,34 +251,42 @@ impl Buildpack for MavenBuildpack { MavenBuildpackError::MavenBuildUnexpectedExitCode, )?; - let sbom_dir = std::env::temp_dir().join("heroku-maven-sbom"); - fs::create_dir_all(&sbom_dir) - .map_err(MavenBuildpackError::CannotCreateTemporarySbomDirectory)?; - - util::run_command( - Command::new(&mvn_executable) - .current_dir(&context.app_dir) - .args( - maven_options.iter().chain(&internal_maven_options).chain( - [ - format!("-DoutputDirectory={}", sbom_dir.to_string_lossy()), - String::from("-DschemaVersion=1.4"), - String::from("org.cyclonedx:cyclonedx-maven-plugin:makeAggregateBom"), - ] - .iter(), - ), - ) - .envs(&mvn_env), - MavenBuildpackError::MavenBuildIoError, - MavenBuildpackError::MavenBuildUnexpectedExitCode, - )?; - let mut build_result_builder = BuildResultBuilder::new(); - let launch_sbom = Sbom::from_path(SbomFormat::CycloneDxJson, sbom_dir.join("bom.json")) - .map_err(MavenBuildpackError::CannotReadMavenSbomFile)?; + if current_or_platform_env + .get("ENABLE_EXPERIMENTAL") + .is_some_and(|value| value == "true") + { + let sbom_dir = std::env::temp_dir().join("heroku-maven-sbom"); + fs::create_dir_all(&sbom_dir) + .map_err(MavenBuildpackError::CannotCreateTemporarySbomDirectory)?; + + util::run_command( + Command::new(&mvn_executable) + .current_dir(&context.app_dir) + .args( + maven_options.iter().chain(&internal_maven_options).chain( + [ + format!("-DoutputDirectory={}", sbom_dir.to_string_lossy()), + String::from("-DoutputName=bom"), + String::from("-DschemaVersion=1.4"), + String::from( + "org.cyclonedx:cyclonedx-maven-plugin:makeAggregateBom", + ), + ] + .iter(), + ), + ) + .envs(&mvn_env), + MavenBuildpackError::MavenBuildIoError, + MavenBuildpackError::MavenBuildUnexpectedExitCode, + )?; - build_result_builder = build_result_builder.launch_sbom(launch_sbom); + let launch_sbom = Sbom::from_path(SbomFormat::CycloneDxJson, sbom_dir.join("bom.json")) + .map_err(MavenBuildpackError::CannotReadMavenSbomFile)?; + + build_result_builder = build_result_builder.launch_sbom(launch_sbom); + } if let Some(process) = framework::default_app_process(&context.app_dir) .map_err(MavenBuildpackError::DefaultAppProcessError)? diff --git a/buildpacks/maven/tests/integration/sbom.rs b/buildpacks/maven/tests/integration/sbom.rs index fa0a0df8..014313e9 100644 --- a/buildpacks/maven/tests/integration/sbom.rs +++ b/buildpacks/maven/tests/integration/sbom.rs @@ -7,7 +7,7 @@ use serde_cyclonedx::cyclonedx::v_1_4::{Component, CycloneDx, HashAlg}; #[test] #[ignore = "integration test"] pub(crate) fn sbom() { - TestRunner::default().build(default_build_config("test-apps/simple-http-service"), |context| { + TestRunner::default().build(default_build_config("test-apps/simple-http-service").env("ENABLE_EXPERIMENTAL", "true"), |context| { context.download_sbom_files(|sbom_files| { let sbom_path = sbom_files.path_for( buildpack_id!("heroku/maven"),