X-Git-Url: https://gerrit.linuxfoundation.org/infra/gitweb?a=blobdiff_plain;f=jjb%2Flf-maven-jobs.yaml;h=528e15041e2a14325f6c8b67cb792cc3ff0b4e55;hb=refs%2Ftags%2Fv0.75.0;hp=04ae40fabeca224595b0305093a868f87ed47f35;hpb=24d80c063923fc2ae4e76a5797ae471601c18569;p=releng%2Fglobal-jjb.git

diff --git a/jjb/lf-maven-jobs.yaml b/jjb/lf-maven-jobs.yaml
index 04ae40fa..528e1504 100644
--- a/jjb/lf-maven-jobs.yaml
+++ b/jjb/lf-maven-jobs.yaml
@@ -842,6 +842,9 @@
     mvn-version: mvn35
     ossrh-profile-id: ""
     mvn-pom: ""
+    sbom-flags: ""
+    sbom-generator: false
+    sbom-generator-version: "v0.0.10"
     sign-artifacts: false
     sign-mode: serial
     stream: master
@@ -889,6 +892,10 @@
           name: STAGING_PROFILE_ID
           default: "{staging-profile-id}"
           description: Nexus staging profile ID.
+      - string:
+          name: SBOM_GENERATOR_VERSION
+          default: "{sbom-generator-version}"
+          description: SBOM generator version to download and run.
 
     builders:
       - lf-infra-pre-build
@@ -909,6 +916,14 @@
       - shell: !include-raw-escape: ../shell/maven-patch-release.sh
       - lf-maven-build:
           mvn-goals: "{mvn-goals}"
+      # With SBOM Generator
+      - conditional-step:
+          condition-kind: boolean-expression
+          condition-expression: "{sbom-generator}"
+          steps:
+            - shell: echo 'Running SBOM Generator'
+            - lf-infra-maven-sbom-generator:
+                sbom-flags: "{sbom-flags}"
       - lf-sigul-sign-dir:
           sign-artifacts: "{sign-artifacts}"
           sign-dir: "$WORKSPACE/m2repo"
@@ -1138,6 +1153,7 @@
     sonarcloud-project-key: ""
     sonarcloud-project-organization: ""
     sonarcloud-api-token: ""
+    sonarcloud-qualitygate-wait: false
     # SonarCloud scan using jdk8 will become deprecated by Oct, 2020
     # Projects not compatible with jdk11 can set java-version to something else
     sonarcloud-java-version: openjdk11
@@ -1224,6 +1240,7 @@
                 sonarcloud-project-organization: "{sonarcloud-project-organization}"
                 sonarcloud-api-token: "{sonarcloud-api-token}"
                 sonarcloud-java-version: "{sonarcloud-java-version}"
+                sonarcloud-qualitygate-wait: "{sonarcloud-qualitygate-wait}"
                 scan-dev-branch: "{scan-dev-branch}"
       # With SonarQube
       - conditional-step:
@@ -1259,6 +1276,7 @@
                 sonarcloud-project-organization: "{sonarcloud-project-organization}"
                 sonarcloud-api-token: "{sonarcloud-api-token}"
                 sonarcloud-java-version: "{sonarcloud-java-version}"
+                sonarcloud-qualitygate-wait: "{sonarcloud-qualitygate-wait}"
                 scan-dev-branch: "{scan-dev-branch}"
       # With SonarQube
       - conditional-step:
@@ -1274,6 +1292,16 @@
                 mvn-settings: "{mvn-settings}"
                 mvn-version: "{mvn-version}"
 
+- builder:
+    name: lf-infra-maven-sbom-generator
+    # Run Maven goals and trigger SPDX SBOM Generator tool
+    builders:
+      - inject:
+          properties-content: |
+            SBOM_FLAGS={sbom-flags}
+      - shell: !include-raw-escape:
+          - ../shell/sbom-generator.sh
+
 - builder:
     name: lf-infra-maven-sonar
     # Run a Sonar build with Maven
@@ -1313,6 +1341,7 @@
             API_TOKEN={sonarcloud-api-token}
             SONARCLOUD_JAVA_VERSION={sonarcloud-java-version}
             SCAN_DEV_BRANCH={scan-dev-branch}
+            SONARCLOUD_QUALITYGATE_WAIT={sonarcloud-qualitygate-wait}
       - lf-provide-maven-settings:
           global-settings-file: global-settings
           settings-file: "{mvn-settings}"
@@ -1350,6 +1379,7 @@
 
     sonarcloud: true
     scan-dev-branch: true
+    sonarcloud-qualitygate-wait: false
 
     gerrit_sonar_triggers:
       - patchset-created-event: